[Question] Sniff real send function / sent packets

03/30/2013 13:51 nonosocr1986#1
Hello again ^^, sorry for posting too many threads, but I really need some help here xD. How can I hook the real send function (where packets are still unencrypted)?

thanks =]
03/30/2013 15:24 syntex#2
where is the difference between real send and send hahahahhaha? so funny
03/30/2013 16:10 bloodx#3
oh my gosh it's a syntex :O! :D


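// Real_send (name chosen here) must be a pointer variable holding send's address; Detours rewrites it to the trampoline
static int (WSAAPI *Real_send)(SOCKET, const char *, int, int) = send;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_send, yoursend);
DetourTransactionCommit();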
03/30/2013 20:26 nonosocr1986#4
Quote:
Originally Posted by bloodx
oh my gosh it's a syntex :O! :D


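// Real_send (name chosen here) must be a pointer variable holding send's address; Detours rewrites it to the trampoline
static int (WSAAPI *Real_send)(SOCKET, const char *, int, int) = send;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_send, yoursend);
DetourTransactionCommit();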
I'd be a liar if I told u I understood xD, but tnx for replying. Can I sniff sent packets via ollydbg? I've tried that already but I dunno where to breakpoint :/

just like meak1 in this post :
03/30/2013 22:47 meak1#5
just breakpoint on send lol
03/30/2013 22:54 RunzelEier#6
Quote:
Originally Posted by bloodx
oh my gosh it's a syntex :O! :D


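// Real_send (name chosen here) must be a pointer variable holding send's address; Detours rewrites it to the trampoline
static int (WSAAPI *Real_send)(SOCKET, const char *, int, int) = send;
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_send, yoursend);
DetourTransactionCommit();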
ohhhhh ms detours 3.0 :D
03/30/2013 23:54 nonosocr1986#7
Quote:
Originally Posted by meak1
just breakpoint on send lol
ye, I know I have to breakpoint on send, but I'm having trouble finding the send address :S, I'm trying it on a p.server btw
03/31/2013 00:55 meak1#8
strg + g and type 'send' ? so hard? lol
03/31/2013 01:26 EddyGER#9
Quote:
Originally Posted by meak1
strg + g and type 'send' ? so hard? lol
ctrl :)
03/31/2013 01:51 meak1#10
its denglish
03/31/2013 16:12 nonosocr1986#11
Quote:
Originally Posted by meak1
strg + g and type 'send' ? so hard? lol
Sorry for being so rude xD, but I've tried that already; it's throwing me to send @ ws2, where packets are encrypted I believe, and in the picture you posted it's send @ engine, where packets are still unencrypted. Ty again =]
03/31/2013 16:41 meak1#12
write in chat and breakpoint 'send', jump backwards and watch the args till it's unencrypted.
04/02/2013 13:59 nonosocr1986#13
Quote:
Originally Posted by meak1
write in chat and breakpoint 'send', jump backwards and watch the args till it's unencrypted.
thank you again, but I've been trying to breakpoint send for 2 days with no luck -.-, my engine is always crashing (look @ image), I've tried all ollydbg editions :S
04/02/2013 18:20 meak1#14
lol u cant english?

u just need to start ollydbg with admin rights -.-#
04/02/2013 18:25 nonosocr1986#15
Quote:
Originally Posted by meak1
lol u cant english?

u just need to start ollydbg with admin rights -.-#
lol I did xD, with no luck :\