Detouren von WSAsend und WSArecv

Samagon · 20. Januar 2012

Ich habe mich letzte Zeit ein wenig mit Detour beschäftigt und zugleich mit C++ da ich darin keine erfahrung habe. Habe jetzt vor WSAsend und WSArecv zu hooken und bin soweit gekommen wie jetzt in dem Source nur leider kriege ich keine MessageBox, wo liegt der fehler:

Spoiler anzeigen

C

// dllmain.cpp : Definiert den Einstiegspunkt für die DLL-Anwendung.
#include "stdafx.h"
#include <iostream>
#include <fstream>
#include <string>
typedef int (WINAPI* t_WSARecv)(SOCKET,LPWSABUF,DWORD,LPDWORD,LPDWORD,LPWSAOVERLAPPED,LPWSAOVERLAPPED_COMPLETION_ROUTINE);
typedef int (WINAPI* t_WSASend)(SOCKET,LPWSABUF,DWORD,LPDWORD,DWORD,LPWSAOVERLAPPED,LPWSAOVERLAPPED_COMPLETION_ROUTINE );
t_WSASend o_WSASend;
t_WSARecv o_WSARecv;
int WINAPI hook_WSARecv(SOCKET s,LPWSABUF lpBuffers,DWORD dwBufferCount,LPDWORD lpNumberOfBytesRecvd,LPDWORD lpFlags,LPWSAOVERLAPPED lpOverlapped,LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
MessageBox(NULL, NULL, NULL, MB_OK);
return o_WSARecv(s,lpBuffers,dwBufferCount,lpNumberOfBytesRecvd,lpFlags,lpOverlapped,lpCompletionRoutine);
}
int WINAPI hook_WSASend(SOCKET s,LPWSABUF lpBuffers,DWORD dwBufferCount,LPDWORD lpNumberOfBytesSent,DWORD dwFlags,LPWSAOVERLAPPED lpOverlapped,LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
MessageBox(NULL, NULL, NULL, MB_OK);
return o_WSASend(s,lpBuffers,dwBufferCount,lpNumberOfBytesSent,dwFlags,lpOverlapped,lpCompletionRoutine);
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved )
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
HMODULE hWS32 = LoadLibraryA( "ws2_32.dll" );
FARPROC pwsasend = GetProcAddress(hWS32,"wsasend");
FARPROC pwsarecv = GetProcAddress(hWS32,"wsarecv");
DetourCreate((LPVOID)pwsasend,hook_WSASend,5);
DetourCreate((LPVOID)pwsarecv,hook_WSARecv,5);
break;
}
return true;
}

Alles anzeigen

Teilen