I am able to hook the send() function and have it working, but the recv() function does not seem to hook. First to verify, I used API Monitor to check that indeed the application is calling recv. Nothing is logged to the file (appendToFile works in the hooked send when I was using it).
Here is the DllMain where I attach. DetourTransactionCommit returns successfully.

    #include <winsock2.h>
    #include <windows.h>
    #include <detours.h>
    #include <string>   // std::string / std::to_string for the error message

    // Hook functions, defined below.
    int WINAPI HookedSend(SOCKET s, const char *buf, int len, int flags);
    int WINAPI HookedRecv(SOCKET s, char *buf, int len, int flags);

    // Pointers to the real functions; Detours rewrites them to point at the trampolines.
    static int (WINAPI *MegaRecv)(SOCKET s, char *buf, int len, int flags) = recv;
    static int (WINAPI *MegaSend)(SOCKET s, const char *buf, int len, int flags) = send;

    BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved)
    {
        if (DetourIsHelperProcess())
        {
            return TRUE;
        }
        LONG error;
        switch (fdwReason)
        {
        case DLL_PROCESS_ATTACH:
            // Hook the send and recv functions
            LoadProxy();
            DetourTransactionBegin();
            DetourUpdateThread(GetCurrentThread());
            DetourAttach(&(PVOID &)MegaSend, HookedSend);
            DetourAttach(&(PVOID &)MegaRecv, HookedRecv);
            error = DetourTransactionCommit();
            if (error == NO_ERROR)
            {
                appendToFile(".\\log.txt", "Hooks attached.");
            }
            else
            {
                // "literal" + error would be pointer arithmetic, so format the code as text
                appendToFile(".\\log.txt", (std::string("Hooks not attached: ") + std::to_string(error)).c_str());
            }
            break;
        case DLL_PROCESS_DETACH:
            // Unhook the functions
            DetourTransactionBegin();
            DetourUpdateThread(GetCurrentThread());
            DetourDetach(&(PVOID &)MegaSend, HookedSend);
            DetourDetach(&(PVOID &)MegaRecv, HookedRecv);
            DetourTransactionCommit();
            appendToFile(".\\log.txt", "Detaching process.");
            // Terminate the process
            if (pi.hProcess != NULL)
            {
                TerminateProcess(pi.hProcess, 0);
            }
            CloseHandle(pi.hProcess);
            CloseHandle(pi.hThread);
            CloseHandle(proxyPipe);
            break;
        }
        return TRUE;
    }
Here is my Hooked Send and Receive:

    // Hooked send function
    int WINAPI HookedSend(SOCKET s, const char *buf, int len, int flags)
    {
        SendMessageToProxy(buf, len);
        DWORD bytes;
        const char* ret = ReceiveMessageFromProxy(&bytes);
        int result = 0;
        if (bytes > 0) {
            result = MegaSend(s, ret, bytes, flags);
        }
        delete[] ret;
        return (result > 0) ? result : len; // always indicate that we cleared the buffer of the original amount
    }

    // Hooked recv function
    int WINAPI HookedRecv(SOCKET s, char* buf, int len, int flags)
    {
        appendToFile(".\\log.txt", "receive");
        // Call the original recv function
        int result = MegaRecv(s, buf, len, flags);
        // Modify the buffer (e.g., log, modify, filter data)
        if (result > 0) {
            // buf is not NUL-terminated: log only the bytes recv() returned (needs <string>)
            appendToFile(".\\receive.txt", std::string(buf, result).c_str());
            // Modify buf here if needed
        }
        return result;
    }
In case others come across this: even though API Monitor said it is doing a recv(), it was really doing a WSARecv(). I have no clue why it would say that incorrectly.
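A static cross-check for the situation in this thread, as an added example that is not part of the original issue or of Detours: it parses a PE file's import table with the Python standard library and reports which Winsock receive functions (`recv`, `recvfrom`, `WSARecv`, `WSARecvFrom`) the image imports from ws2_32.dll. It only sees that one file's static imports, so calls resolved through `GetProcAddress` or made by other loaded modules will not appear; the names `pe_imports` and `winsock_receive_imports` are chosen here.

```python
import struct

RECV_APIS = {"recv", "recvfrom", "WSARecv", "WSARecvFrom"}
WS2_ORDINALS = {"#16": "recv", "#17": "recvfrom"}  # ws2_32.dll ordinals for the same exports

def pe_imports(data):
    """Map each imported DLL (lower-cased) to its imported names ('#N' for ordinals)."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24
    pe64 = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # Data directory entry 1 is the import table.
    imp_rva = struct.unpack_from("<I", data, opt + (112 if pe64 else 96) + 8)[0]
    # Section rows: (VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
    secs = [struct.unpack_from("<8x4I", data, opt + opt_size + 40 * i) for i in range(nsec)]

    def off(rva):  # RVA -> file offset
        for vsize, vaddr, rsize, rptr in secs:
            if vaddr <= rva < vaddr + max(vsize, rsize):
                return rva - vaddr + rptr
        raise ValueError("RVA %#x is outside every section" % rva)

    def cstr(pos):
        return data[pos:data.index(b"\0", pos)].decode("ascii", "replace")

    size, fmt, by_ord = (8, "<Q", 1 << 63) if pe64 else (4, "<I", 1 << 31)
    out, desc = {}, off(imp_rva) if imp_rva else None
    while desc is not None:
        oft, _, _, name_rva, ft = struct.unpack_from("<5I", data, desc)
        if not (oft or name_rva or ft):
            break  # all-zero descriptor terminates the table
        names, thunk = out.setdefault(cstr(off(name_rva)).lower(), []), off(oft or ft)
        while True:
            val = struct.unpack_from(fmt, data, thunk)[0]
            if not val:
                break
            names.append("#%d" % (val & 0xFFFF) if val & by_ord
                         else cstr(off(val & 0x7FFFFFFF) + 2))  # skip the 2-byte hint
            thunk += size
        desc += 20
    return out

def winsock_receive_imports(data):
    """Receive-side Winsock functions the image imports statically from ws2_32.dll."""
    names = pe_imports(data).get("ws2_32.dll", [])
    return sorted({WS2_ORDINALS.get(n, n) for n in names} & RECV_APIS)
```

Call `winsock_receive_imports(open(path, "rb").read())` on the target executable; a result that lists `WSARecv` but not `recv` means a detour on `recv` alone will not fire for that module's own calls.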