1
我想学习钩子,并且只想钩住.exe的send/recv函数。C++ hooking ws2_32.dll recv
我建设项目作为一个.dll文件,然后将其注入到.EXE
现在我的问题是我坚持。
我能够顺利地找到地址recv函数,接下来我想查看通过接收数据包..
小指南请在下一步做什么.. 这是我的.cpp
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include "dll.h"
#include <Winsock.h>
#pragma warning(disable:4996)
#pragma comment (lib,"ws2_32.lib")
typedef int(*WINAPI oldsend)(SOCKET s, const char* buf, int len, int flags);
void Proc_Attach()
{
DWORD dwProtect;
HINSTANCE hLib = LoadLibrary(L"WS2_32.dll");
DWORD OldFuncAddr = (DWORD)GetProcAddress(hLib, "recv");
WCHAR szTest[100]; // WCHAR is the same as wchar_t
// swprintf_s is the same as sprintf_s for wide characters
swprintf_s(szTest, 100, L"%d", OldFuncAddr); // use L"" prefix for wide chars
MessageBox(0, szTest, L"A", MB_ICONINFORMATION);
//MessageBox(0, L" Process Attached!\n", L"Hi", MB_ICONINFORMATION);
}
BOOL APIENTRY DllMain(HINSTANCE hInst /* Library instance handle. */,
DWORD reason /* Reason this function is being called. */,
LPVOID reserved /* Not used. */)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
Proc_Attach();
break;
case DLL_PROCESS_DETACH:
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return TRUE;
}
头文件
#pragma once
#ifndef _DLL_H_
#define _DLL_H_
#if BUILDING_DLL
# define DLLIMPORT __declspec (dllexport)
#else /* Not BUILDING_DLL */
# define DLLIMPORT __declspec (dllimport)
#endif /* Not BUILDING_DLL */
DLLIMPORT void Proc_Attach(void);
#endif /* _DLL_H_ */