1. 首頁
  2. 問答
  3. 功能僅掛接鉤子的recv()和不使用迂迴

功能僅掛接鉤子的recv()和不使用迂迴

2014-06-20 60 views
0

我打了一些彎路,功能掛鉤,我有下面的代碼一個奇怪的問題發送():功能僅掛接鉤子的recv()和不使用迂迴

基本上是,無論發生了什麼DetourTransactionCommit()是成功的,但實際上只有recv()函數被掛鉤,而發送不是,因爲OutputDebugStringA(「Sent packet!」);

從未觸發

#include "stdafx.h" 
#include "stdio.h" 
#include "WinInet.h" 
#include "tchar.h" 
#include "windows.h" 
#include "detours.h" 
#include <Winsock2.h> 
#include <WS2tcpip.h> 
#include <crtdbg.h> 

#pragma comment(lib, "detours.lib") 
#pragma comment(lib, "WinInet.lib") 
#pragma comment(lib, "ws2_32.lib") 

int (WINAPI *pSend)(SOCKET s, const char* buf, int len, int flags) = send; 
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags); 

int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv; 
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags); 


BOOL APIENTRY DllMain(HMODULE hModule, 
         DWORD ul_reason_for_call, 
         LPVOID lpReserved 
        ) 
{ 
    LONG errore; 

    switch (ul_reason_for_call) 
    { 
    case DLL_PROCESS_ATTACH: 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pSend, MySend); 
     if (DetourTransactionCommit() == NO_ERROR) { 
      OutputDebugStringA("Send function hooked successfully"); 
     } 
     else{ 
      OutputDebugStringA("Failed to hook Send function"); 
     } 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pRecv, MyRecv); 
     if (DetourTransactionCommit() == NO_ERROR) { 
      OutputDebugStringA("Recv function hooked successfully"); 
     } 
     else{ 
      OutputDebugStringA("Failed to hook Recv function"); 
     } 

    case DLL_THREAD_ATTACH: 
    case DLL_THREAD_DETACH: 
    case DLL_PROCESS_DETACH: 
     break; 
    } 

    return TRUE; 
} 

int WINAPI MySend(SOCKET s, const char* buf, int len, int flags) { 
    OutputDebugStringA("Sent packet!"); 
    return pSend(s, buf, len, flags); 
} 

int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags) { 
    OutputDebugStringA("Received packet!"); 
    return pRecv(s, buf, len, flags); 
}

UPDATE: Appearently與功能問題是關係到過程中,我試圖注入DLL到。 它看起來像試圖掛鉤發送()在Internet Explorer 11 x86失敗的原因,我仍然要弄清楚。 我嘗試使用winsock2(putty)將完全相同的DLL注入到另一個程序中,並且該函數正確連接。

也許有人知道發生這種情況的原因?

來源

2014-06-20 Swappage

+0

也許鉤從未運行,因爲'發送()'不會被調用?還有'WSASend','WSASendMsg' ......多種寫入套接字的方式。 –

+0

不管'WSASend *'函數是否在引擎蓋下調用'send'? –

+0

很高興看到你的繞行功能。 –

回答

0

正如Ben Voigt指出的那樣,顯然send()並不是在Internet Explorer 11中調用的。 我試過用鉤子WSASend()代替它,它工作。

編輯的工作snipplet如下:

#include "stdafx.h" 
    #include "stdio.h" 
    #include "WinInet.h" 
    #include "tchar.h" 
    #include "windows.h" 
    #include "detours.h" 
    #include <Winsock2.h> 
    #include <WS2tcpip.h> 
    #include <crtdbg.h> 

    #pragma comment(lib, "detours.lib") 
    #pragma comment(lib, "WinInet.lib") 
    #pragma comment(lib, "ws2_32.lib") 

int(WINAPI *pWSASend) (
    SOCKET s, 
    LPWSABUF lpBuffers, 
    DWORD dwBufferCount, 
    LPDWORD lpNumberOfBytesSent, 
    DWORD dwFlags, 
    LPWSAOVERLAPPED lpOverlapped, 
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine) = WSASend; 

int WINAPI MyWSASend(
    SOCKET s, 
    LPWSABUF lpBuffers, 
    DWORD dwBufferCount, 
    LPDWORD lpNumberOfBytesSent, 
    DWORD dwFlags, 
    LPWSAOVERLAPPED lpOverlapped, 
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine); 


int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv; 
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags); 


BOOL APIENTRY DllMain(HMODULE hModule, 
         DWORD ul_reason_for_call, 
         LPVOID lpReserved 
        ) 
{ 
    LONG errore; 

    switch (ul_reason_for_call) 
    { 
    case DLL_PROCESS_ATTACH: 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pWSASend, MyWSASend); 
     if (DetourTransactionCommit() == NO_ERROR) { 
      OutputDebugStringA("Send function hooked successfully"); 
     } 
     else{ 
      OutputDebugStringA("Failed to hook Send function"); 
     } 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pRecv, MyRecv); 
     if (DetourTransactionCommit() == NO_ERROR) { 
      OutputDebugStringA("Recv function hooked successfully"); 
     } 
     else{ 
      OutputDebugStringA("Failed to hook Recv function"); 
     } 

    case DLL_THREAD_ATTACH: 
    case DLL_THREAD_DETACH: 
    case DLL_PROCESS_DETACH: 
     break; 
    } 

    return TRUE; 
} 

int WINAPI MyWSASend(
    SOCKET s, 
    LPWSABUF lpBuffers, 
    DWORD dwBufferCount, 
    LPDWORD lpNumberOfBytesSent, 
    DWORD dwFlags, 
    LPWSAOVERLAPPED lpOverlapped, 
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine) 
{ 
    OutputDebugStringA("Packet Sent!"); 
    return (pWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine); 
}; 
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags) { 
    OutputDebugStringA("Received packet!"); 
    return pRecv(s, buf, len, flags); 
}

來源

2014-06-21 12:32:59 Swappage

相關問題

 相關問題