簡單的數據包記錄器3.0快車

IDE /編譯器：微軟的Visual C++ 2010 Express Edition的

庫：走彎路3.0快遞

目標：寫簡單的數據包記錄器。

我的代碼：

mydll.cpp

#include <cstdio> 
#include <windows.h> 
#include <detours.h> 

#pragma comment(lib,"detours.lib") 
#pragma comment(lib,"ws2_32.lib") 

int (WINAPI *pSend)(SOCKET s, const char* buf, int len, int flags) = send; 
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags); 
int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv; 
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags); 

FILE* pSendLogFile; 
FILE* pRecvLogFile; 

int WINAPI MySend(SOCKET s, const char* buf, int len, int flags) 
{ 
    fopen_s(&pSendLogFile, "C:\\SendLog.txt", "a+"); 
    fprintf(pSendLogFile, "%s\n", buf); 
    fclose(pSendLogFile); 
    return pSend(s, buf, len, flags); 
} 

int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags) 
{ 
    fopen_s(&pRecvLogFile, "C:\\RecvLog.txt", "a+"); 
    fprintf(pRecvLogFile, "%s\n", buf); 
    fclose(pRecvLogFile); 
    return pRecv(s, buf, len, flags); 
} 

BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved) 
{ 
    if (DetourIsHelperProcess()) { 
     return TRUE; 
    } 

    if (dwReason == DLL_PROCESS_ATTACH) { 
     DetourRestoreAfterWith(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pRecv, MyRecv); 
     DetourTransactionCommit(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pSend, MySend); 
     DetourTransactionCommit(); 

    } 
    else if (dwReason == DLL_PROCESS_DETACH) { 
     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourDetach(&(PVOID&)pRecv, MyRecv); 
     DetourTransactionCommit(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourDetach(&(PVOID&)pSend, MySend); 
     DetourTransactionCommit(); 

    } 
    return TRUE; 
}

injector.cpp

#include <windows.h> 
#include <detours.h> 

#pragma comment(lib,"detours.lib") 

int main(int argc, char *argv[]) 
{ 
    STARTUPINFO si; 
    PROCESS_INFORMATION pi; 

    ZeroMemory(&si, sizeof(si)); 
    ZeroMemory(&pi, sizeof(pi)); 
    si.cb = sizeof(si); 
    si.dwFlags = STARTF_USESHOWWINDOW; 
    si.wShowWindow = SW_SHOW; 

    if(!DetourCreateProcessWithDllEx("C:\\Program Files\\Internet Explorer\\iexplore.exe", 
             NULL, NULL, NULL, TRUE, 
             CREATE_DEFAULT_ERROR_MODE | CREATE_SUSPENDED, 
             NULL, NULL, &si, &pi, 
             "C:\\Documents and Settings\\Dawid\\Pulpit\\detours_test\\Detours_test\\Release\\Detours_test.dll", NULL)) 
     MessageBox(0, "failed", 0, 0); 
    else 
     MessageBox(0, "success", 0, 0); 

    ResumeThread(pi.hThread); 

    WaitForSingleObject(pi.hProcess, INFINITE); 

    CloseHandle(&si); 
    CloseHandle(&pi); 

    return EXIT_SUCCESS; 
}

錯誤消息：

（IEXPLORE.EXE）申請

問：有什麼錯我的代碼？爲什麼我得到這個錯誤？

來源

2012-11-23 David

雖然可以推斷出你想幫助一下，居然問一個問題將是很好。 –

問題：我的代碼有什麼問題？爲什麼我得到這個錯誤？ – David

解決

我刪除功能：

DetourRestoreAfterWith();

從DLL，並添加到DLL函數：

extern "C" __declspec(dllexport) void dummy(void){ 
    return; 
}

現在，它的作品！

mydll.cpp

#include <cstdio> 
#include <windows.h> 
#include <detours.h> 

#pragma comment(lib,"detours.lib") 
#pragma comment(lib,"ws2_32.lib") 

int (WINAPI *pSend)(SOCKET s, const char* buf, int len, int flags) = send; 
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags); 
int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv; 
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags); 

FILE* pSendLogFile; 
FILE* pRecvLogFile; 

int WINAPI MySend(SOCKET s, const char* buf, int len, int flags) 
{ 
    fopen_s(&pSendLogFile, "C:\\SendLog.txt", "a+"); 
    fprintf(pSendLogFile, "%s\n", buf); 
    fclose(pSendLogFile); 
    return pSend(s, buf, len, flags); 
} 

int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags) 
{ 
    fopen_s(&pRecvLogFile, "C:\\RecvLog.txt", "a+"); 
    fprintf(pRecvLogFile, "%s\n", buf); 
    fclose(pRecvLogFile); 
    return pRecv(s, buf, len, flags); 
} 

extern "C" __declspec(dllexport) void dummy(void){ 
    return; 
} 

BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved) 
{ 
    if (DetourIsHelperProcess()) { 
     return TRUE; 
    } 

    if (dwReason == DLL_PROCESS_ATTACH) { 
     //DetourRestoreAfterWith(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pSend, MySend); 
     DetourTransactionCommit(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourAttach(&(PVOID&)pRecv, MyRecv); 
     DetourTransactionCommit(); 
    } 
    else if (dwReason == DLL_PROCESS_DETACH) { 
     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourDetach(&(PVOID&)pSend, MySend); 
     DetourTransactionCommit(); 

     DetourTransactionBegin(); 
     DetourUpdateThread(GetCurrentThread()); 
     DetourDetach(&(PVOID&)pRecv, MyRecv); 
     DetourTransactionCommit(); 
    } 
    return TRUE; 
}

injector.cpp

#include <windows.h> 
#include <detours.h> 

#pragma comment(lib,"detours.lib") 

int main(int argc, char *argv[]) 
{ 
    STARTUPINFO si; 
    PROCESS_INFORMATION pi; 

    ZeroMemory(&si, sizeof(si)); 
    ZeroMemory(&pi, sizeof(pi)); 
    si.cb = sizeof(si); 
    si.dwFlags = STARTF_USESHOWWINDOW; 
    si.wShowWindow = SW_SHOW; 

    if(!DetourCreateProcessWithDllEx("C:\\client.exe", 
             NULL, NULL, NULL, TRUE, 
             CREATE_DEFAULT_ERROR_MODE | CREATE_SUSPENDED, 
             NULL, NULL, &si, &pi, 
             "C:\\Documents and Settings\\Dawid\\Pulpit\\detours_test\\Detours_test\\Release\\Detours_test.dll", NULL)) 
     MessageBox(0, "failed", 0, 0); 
    else 
     MessageBox(0, "success", 0, 0); 

    ResumeThread(pi.hThread); 

    WaitForSingleObject(pi.hProcess, INFINITE); 

    CloseHandle(&si); 
    CloseHandle(&pi); 

    return EXIT_SUCCESS; 
}

來源

2012-11-24 12:06:52 David

簡單的數據包記錄器3.0快車

回答

相關問題