0
我正在注入一个DLL到Firefox(浏览器)和挂钩WSARecv。 问题是,数据缓冲区是Gzip压缩的。我已经尝试连接send()函数并删除“Accept-Encoding:gzip,deflate”,但许多Web服务器不会理解这一点。DLLHook - 一个字符串的GZip解压缩
所以我试图坚持解压缩缓冲区,改变一些东西,并再次压缩。因此,我挂了ZLIB.DLL和zlib.lib到我的DLL,并写了一个小包装类:
int CGZip::DecompressString(char* src, int srcLen, char** destination, int* destLen)
{
//Define the source, destination, source length, and destination length
char *dest= new char[(unsigned int)destLen];
//Decompress the string in src and place it in dest
int result=uncompress((unsigned char *)dest,(uLongf*)destLen,(const unsigned char *)src,srcLen);
//Return the results of the decompression
*destination = dest;
return(result);
}
但是当我包括减压成钩状的WSARecv我的DLL将不会再加载(无DLL_PROCESS_ATTACH是所谓的)。当我删除以下5行dll会再次加载。
szUncompressed = (char*)malloc((size_t)lpBuffers->len * 100);
CGZip *ziphandler = new CGZip();
ziphandler->DecompressString(lpBuffers->buf, lpBuffers->len, &szUncompressed, &iUncompressedLength);
szUncompressed[iUncompressedLength] = '\0';
任何想法为什么DLL不再加载,或者我怎么能轻松解压缩和压缩数据缓冲区?
在此先感谢:)