神
神经蛋白质
Unregistered / Unconfirmed
GUEST, unregistred user!
在做hook send 和 recv 的时候。<br>hook send 成功!<br>用同样的方法去hook recv,<br>但是recv得不到数据。在网上搜索了很久。得知hook Recv要在尾部进行。<br>不知道怎么在尾部来HOOK。请大虾们指教下。贴出hook recv代码!<br><br>function MySend(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;<br>var<br> dwSize: cardinal;<br>begin<br> ShowMessage('发送封包长度:'+inttostr(len));//显示发送长度 这里体现数据正确的。<br> WriteProcessMemory(ProcessHandle, AddSend, @OldProc[1], 8, dwSize);<br> Result := OldSend(S, Buf, len, flags);<br> JmpCode.Address := @MySend;<br> WriteProcessMemory(ProcessHandle, AddSend, @JmpCode, 8, dwSize);<br>end;<br><br><br><br>{---------------------------------------}<br>{函数功能:Recv函数的HOOK<br>{函数参数:同Recv<br>{函数返回值:integer<br>{---------------------------------------}<br>function MyRecv(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;<br>var<br> dwSize: cardinal;<br>begin<br> WriteProcessMemory(ProcessHandle, AddRecv, @OldProc[0], 8, dwSize);<br> Result := OldRecv(S, Buf, len, flags);<br> JmpCode.Address := @MyRecv;<br> WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize);<br> ShowMessage('接收封包长度:'+inttostr(len));//这里永远不会show出来。为什么?请指点<br>end;<br><br>{------------------------------------}<br>{过程功能:HookAPI<br>{过程参数:无<br>{------------------------------------}<br>procedure HookAPI;<br>var<br> DLLModule: THandle;<br> dwSize: cardinal;<br>begin<br> ProcessHandle := GetCurrentProcess;<br> DLLModule := LoadLibrary('ws2_32.dll');<br> AddRecv := GetProcAddress(DLLModule, 'recv');<br> AddSend := GetProcAddress(DLLModule, 'send'); //取得API地址<br> JmpCode.JmpCode := $B8;<br> JmpCode.MovEAX[0] := $FF;<br> JmpCode.MovEAX[1] := $E0;<br> JmpCode.MovEAX[2] := 0;<br> ReadProcessMemory(ProcessHandle, AddRecv, @OldProc[0], 8, dwSize);<br> JmpCode.Address := @MyRecv;<br> WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize); //修改Recv入口<br> ReadProcessMemory(ProcessHandle, AddSend, @OldProc[1], 8, dwSize);<br> JmpCode.Address := @MySend;<br> WriteProcessMemory(ProcessHandle, AddSend, @JmpCode, 8, dwSize); //修改Send入口<br> OldSend := AddSend;<br> OldRecv := AddRecv;<br>end;