Hi guys,
I am trying to learn hooking and want to hook only an .exe's send/recv function.
I'm building the project as a .dll and then injecting it to the .exe
Now my problem is I am stuck.
I am able to successfully find the address for recv function, next I would like to see the packets that's being received..
A little guide pls on what to do next..
This is my .cpp
header file
I am trying to learn hooking and want to hook only an .exe's send/recv function.
I'm building the project as a .dll and then injecting it to the .exe
Now my problem is I am stuck.
I am able to successfully find the address for recv function, next I would like to see the packets that's being received..
A little guide pls on what to do next..
This is my .cpp
Code:
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include "dll.h"
#include <Winsock.h>
#pragma warning(disable:4996)
#pragma comment (lib,"ws2_32.lib")
typedef int(*WINAPI oldsend)(SOCKET s, const char* buf, int len, int flags);
void Proc_Attach()
{
DWORD dwProtect;
HINSTANCE hLib = LoadLibrary(L"WS2_32.dll");
DWORD OldFuncAddr = (DWORD)GetProcAddress(hLib, "recv");
WCHAR szTest[100]; // WCHAR is the same as wchar_t
// swprintf_s is the same as sprintf_s for wide characters
swprintf_s(szTest, 100, L"%d", OldFuncAddr); // use L"" prefix for wide chars
MessageBox(0, szTest, L"A", MB_ICONINFORMATION);
//MessageBox(0, L" Process Attached!\n", L"Hi", MB_ICONINFORMATION);
}
BOOL APIENTRY DllMain(HINSTANCE hInst /* Library instance handle. */,
DWORD reason /* Reason this function is being called. */,
LPVOID reserved /* Not used. */)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
Proc_Attach();
break;
case DLL_PROCESS_DETACH:
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return TRUE;
}
Code:
#pragma once #ifndef _DLL_H_ #define _DLL_H_ #if BUILDING_DLL # define DLLIMPORT __declspec (dllexport) #else /* Not BUILDING_DLL */ # define DLLIMPORT __declspec (dllimport) #endif /* Not BUILDING_DLL */ DLLIMPORT void Proc_Attach(void); #endif /* _DLL_H_ */
