Hook IE11 WSARecv 中出现漏数据的问题？

小辉001 2018-01-05 01:12:10

使用detours Hook IE11 中 WSARecv WSASend CreateThreadpoolIo StartThreadpoolIo CancelThreadpoolIo在IE11中
有效另外Hook的其它API 如WSAGetOverlappedResult GetQueuedCompletionStatus WaitForThreadpoolIoCallbacks
GetQueuedCompletionStatusEx 等等在IE11下就没有作用，在Hook WSARecv 中出现问题了，我做的hook是使用
webbrowser进行的。

在ie11中开始打开网页时会出现好几个socket 与closesocket的无数据操作的SOCKET在以前ie8的版本就好像没出现过,
不知这是什么原因。

先说一下我Hook的过程，IE11内核中socket 的通讯是通过完成端口进行的，首先是调用ws2_32.dll 中的 WSASocketA
WSASocketW 有时一个SOCKET 两个函数都进去了，这个有点不明白，再进入socket调用，这里为什么WSASocke
socket 两个版本在同一个SOCKET上都会调用呢？

进入CreateThreadpoolIo中建立SOCKET与IO 的联系，这是要保存每一对SOCKET 与 IO 的数据还要加一个回调地址。

 PTP_IO __stdcall Mine_CreateThreadpoolIo(HANDLE fl,

 PTP_WIN32_IO_CALLBACK pfnio, PVOID pv, PTP_CALLBACK_ENVIRON  pcbe)

{

    char szBuf[255];

    PTP_IO rv = 0;

    __try {//MyPTPFun

		rv = Real_CreateThreadpoolIo(fl,MyPTPFun,pv,pcbe);

		sprintf(szBuf,"CreateThreadpoolIo: S:0x%08x  IO:0x%08x FUN:0x%08x\r\n",fl,rv,pfnio);HuiOutDebug(szBuf,_T("hookApi"));

		g_manage.BingSocketToIo(rv,(SOCKET)fl,(void*)pfnio);//这里就是保存操作。

    } __finally {

    };return rv;

}

VOID __stdcall MyPTPFun(PTP_CALLBACK_INSTANCE Instance,PVOID Context,PVOID Overlapped,

	ULONG IoResult,ULONG_PTR NumberOfBytesTransferred,PTP_IO Io)

{

	char szBuf[255];

	PTP_WIN32_IO_CALLBACK pFun= (PTP_WIN32_IO_CALLBACK)g_manage.GetIoFun(Io);

	sprintf(szBuf,"MyPTPFun: IO:0x%08x FUN:0x%08x\r\n",Io,pFun);HuiOutDebug(szBuf,_T("hookApi"));

	if( pFun ){

		g_manage.ProceIo(Io,Overlapped,Context,IoResult,NumberOfBytesTransferred);//先调用自的的回调函数，就是这里出现漏数据？？？？？

		pFun(Instance,Context,Overlapped,IoResult,NumberOfBytesTransferred,Io);//然后是原回调函数

	}

}   //g_manage是一个保存数据的全局类，类中使用了CCriticalSection m_sc;对所用操作进行了保护。

进入StartThreadpoolIo操作，也就是设备IO与SOCKET的一次数据操作正式建立联系。

连接操作不是WSAConnect与connect,是进入connectEx ,这个函数的Hook 比较麻烦，后面我会说明这个函数是怎么hook的，
在IE8中在hook connect时就会出出两个握手的操作，send 与recv,发送与接收的只有一个字节或没有字节，但IE11中只进入了recv,那个send没进入，握手操作的发送数据据不知是怎么操作，这是什么原因呢？
connectEx 之后没有send 或WSASend 操作，直接进入了回调函数MyPTPFun ，MyPTPFun之后没有调用StartThreadpoolIo直接进入recv操作，有时recv与没有操作。

连接建立后，再次进入StartThreadpoolIo进行设备IO与SOCKET的一次数据操作建立联系。
进入WSASend，好像这个函数的操作能立即完成似的没进入回调MyPTPFun中，直接CancelThreadpoolIo取消io完成端口的回调。
再次进入StartThreadpoolIo进行设备IO与SOCKET的一次数据操作建立联系。
然后就是WSARecv，这个操作有时能立即完成直接CancelThreadpoolIo取消io完成端口的回调。有时进入回调函数MyPTPFun,

int __stdcall Mine_WSARecv(SOCKET a0,LPWSABUF a1,DWORD a2,LPDWORD a3,LPDWORD a4,

	LPWSAOVERLAPPED a5,LPWSAOVERLAPPED_COMPLETION_ROUTINE a6)

{    int rv = 0;

	DWORD dw;

	DWORD dwLen ,dwLen1;

	LPWSABUF lp;

	char szBuf[500];

    __try {

        rv = Real_WSARecv(a0, a1, a2, a3, a4, a5, a6);

		sprintf(szBuf,"WSARecv:s:0x%08x  Len:%d len:%d\r\n",a0,0,a1[0].len);

		HuiOutDebug(szBuf,_T("hookApi"));

		g_manage.SetOp(a0,2,a1,a2,a5,a1[0].len);//这里进行了保存操作，以便观察对比；

    } __finally {

    };

    return rv;

}

}

在上述的过程中，g_manage.BingSocketToIo 对回调，完成设备IO, 套接字建立了数据联系，g_manage.SetOp对接收或发送
数据的 LPWSAOVERLAPPED LPWSABUF 指针进行了保存，以便取数或观察。其中在我的回调中对LPWSABUF进行观察时出现了原有的数据消失了，这个应该是new 产生的，因为我对原WSARecv LPWSABUF 结构中len进行了保存，发现是1024，可是在MyPTPFun -> g_manage.ProceIo 进行对比时，原LPWSABUF 指针结构中的len 不是1024了是很大的一个数，这是不可能的，结论就是原WSARecv 中new 产生的LPWSABUF 被释放了，因为调用MyPTPFun 回调就意味着WSARecv返回时，数据应该没收到，但在MyPTPFun 时，原LPWSABUF又被释放了，那IE11在WSARecv 返回与MyPTPFun 回调间是用什么来取数据的呢？还有其它的API吗？在MyPTPFun 中，是我先观察，再调用IE11给的回调函数的。完成端口CreateThreadpoolIo StartThreadpoolIo 的这套API还有别的能取数吗？WaitForThreadpoolIoCallbacks这个api没有进入过，GetQueuedCompletionStatus这个API应该与CreateThreadpoolIo 不是一个体系的吧！

整个hook过程中对进入的API WSASocketW WSASocketA CreateThreadpoolIo StartThreadpoolIo connectex recv WSARecv WSASend socket closesocket 进行了记事本输出观察。

下面结出调用的过程（整理的）
WSASocketW:s:0x00000448
WSASocketA:s:0x00000448
CreateThreadpoolIo: S:0x00000448 IO:0x0052f7a8 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x0052f7a8
connectex:s:0x00000448
MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x0052f7a8
WSASend:s:0x00000448 Len:0 len:770
CancelThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:1024
MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
StartThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f7a8
recv:s:0x00000448 Len:-1
recv:s:0x00000448 Len:-1
StartThreadpoolIo:IO:0x0052f7a8
WSASend:s:0x00000448 Len:0 len:867
CancelThreadpoolIo:IO:0x0052f7a8
WSARecv:s:0x00000448 Len:0 len:1024
MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0

WSASocketW:s:0x0000043c
WSASocketA:s:0x0000043c
CreateThreadpoolIo: S:0x0000043c IO:0x0052f688 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x0052f688
connectex:s:0x0000043c
MyPTPFun: IO:0x0052f688 FUN:0x7601dfb0
recv:s:0x0000043c Len:-1
recv:s:0x0000043c Len:-1
StartThreadpoolIo:IO:0x0052f688
WSASend:s:0x0000043c Len:0 len:708
CancelThreadpoolIo:IO:0x0052f688
StartThreadpoolIo:IO:0x0052f688
WSARecv:s:0x0000043c Len:0 len:1024
MyPTPFun: IO:0x0052f688 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x0052f688
WSARecv:s:0x0000043c Len:0 len:4096
CancelThreadpoolIo:IO:0x0052f688
recv:s:0x0000043c Len:-1

WSASocketW:s:0x00000354
socket:s:0x00000354
closesocket:s:0x00000354
WSASocketW:s:0x00000354
WSASocketA:s:0x00000354
CreateThreadpoolIo: S:0x00000354 IO:0x004d8f48 FUN:0x7601dfb0
StartThreadpoolIo:IO:0x004d8f48
connectex:s:0x00000354
MyPTPFun: IO:0x004d8f48 FUN:0x7601dfb0
recv:s:0x00000354 Len:-1

...全文

994 11 打赏收藏转发到动态举报

写回复

用AI写文章

11 条回复

切换为时间正序

请发表友善的回复…

发表回复

小辉001 2018-01-15

打赏
举报

设置IE6-IE11兼容性问题不会改变内核的网络数据机制，只改变界面展示。网络层的编程结构只与版本有关，IE8没用完成端口，IE9以上的用了完成端口。IE9与之前的socket机制完全不同的，在建立连接时ie8之前的socket会收到1字节的握手数据，在ie9完成端口，连接是用了connectEx，有时会收了握手的recv数据，send数据一直没收到过。这知是什么原因，ie8没用完成端口与connectex,用的recv\send 或WSARecv与WSASend，都会收到完整的握手调用，在ie9之后，能有进收到recv的握手数据。send就没收到过，不知是什么原因！！！！！！！

小辉001 2018-01-15

打赏
举报

先前有人说在WSASend或WSARecv中如果LPWSAOVERLAPPED 结构中的InternalHigh结构中有长度就可以取数，这个不是很稳定，回调或CancelThreadpoolIo中取数一好像没漏过数据，注意的是不能直接保存WSABUF 指针，这个结构会在回调或CancelThreadpoolIo之前释放，但结构中的buf 没释放，可以取数。

小辉001 2018-01-15

打赏
举报

已自已搞定了，Hook NtDeviceIoControlFile这个解决不了问这个异步问题，最终是数据缓存的位置问题，HOOK CancelThreadpoolIo,WSARecv,WSASend,CreateThreadpoolIo,在WSARecv里只能保存WSABUF 结构中的buf,WSABUF会在系统处理数据的过程中被释放，但结构中的buf在回调或CancelThreadpoolIo中是有效的。有效的数据长度是LPWSAOVERLAPPED 结构中的InternalHigh,这校就OK了,在CreateThreadpoolIo中关联SOCKET与IO,还有保存与替换回调，在WSARecv与WSASend，关联SOCKET与数据缓存，还有LPWSAOVERLAPPED ,在CancelThreadpoolIo或回调中取数据；CancelThreadpoolIo是用IO取到SOCKET,再取到相关的LPWSAOVERLAPPED 结构中的InternalHigh与WSABUF 结构中的buf,注意一般WSABUF 会释放了，先前应该只能保存WSABUF 结构中的buf指针，如果在回调中，回调会收到IO与LPWSAOVERLAPPED ,用IO关联的SOCKET就可以取到buf了，如果CancelThreadpoolIo被调用就不会再调用回调的，回调被调用就不会调用CancelThreadpoolIo,注意回调取好数据后一定在调用原回调。这校就能完美解决IE7hook socket了

赵4老师 2018-01-08

打赏
举报

搜“The Dark Side of Winsock”

xengine-qyt 2018-01-08

打赏
举报

是不是你没处理及时哦

小辉001 2018-01-06

打赏
举报

乱码不是加密的原因,是跟本没有正确的数据, hook ntdeviceiocontrolfile 与hook WSARecv WSASend 效果一样的,进WSARecv 必定进了ntdeviceiocontrolfile ,WSARecv 返回时,ntdeviceiocontrolfile已返回,ntdeviceiocontrolfile与WSARecv 一样,解决不了完成端口的问题,在WSARecv调用之手与MyPTPFun回调之前,还有什么方法取数呢?使用的是CreateThreadpoolIo这一套完成端口的API,在LPWSAOVERLAPPED的结构中lpOverlapped>hEvent=null, WSARecv 的lpCompletionRoutine参数为null.

zwfgdlc 2018-01-05

打赏
举报

乱码的都是HTTPS数据吧,https数据是加密的,肯定是乱码

小辉001 2018-01-05

打赏
举报

hook ntdeviceiocontrolfile 时，设置断点运行正常，没设断点运行是乱码，

zwfgdlc 2018-01-05

打赏
举报

hook ntdeviceiocontrolfile

小辉001 2018-01-05

打赏
举报

socket:s:0x00000480 socket:s:0x000004a8 WSASocketW:s:0x00000498 WSASocketW:s:0x000004a4 socket:s:0x000004a0 closesocket:s:0x00000480 closesocket:s:0x000004a8 socket:s:0x00000498 WSASocketW:s:0x0000049c socket:s:0x000004a4 closesocket:s:0x000004a0 WSASocketW:s:0x000004a8 closesocket:s:0x00000498 socket:s:0x0000049c WSASocketW:s:0x00000480 closesocket:s:0x000004a4 socket:s:0x000004a8 MyPTPFun: IO:0x00539168 FUN:0x7601dfb0 WSASocketW:s:0x00000498 closesocket:s:0x0000049c socket:s:0x00000480 WSASocketW:s:0x000004a4 closesocket:s:0x000004a8 recv:s:0x00000494 Len:-1 WSASocketA:s:0x00000498 CreateThreadpoolIo: S:0x00000498 IO:0x005383d8 FUN:0x7601dfb0 WSASocketW:s:0x0000049c closesocket:s:0x00000480 socket:s:0x000004a4 WSASocketW:s:0x000004a0 StartThreadpoolIo:IO:0x005383d8 WSASocketW:s:0x000004a8 WSASocketA:s:0x0000049c WSASocketW:s:0x00000480 closesocket:s:0x000004a4 socket:s:0x000004a0 connectex:s:0x00000498 socket:s:0x000004a8 CreateThreadpoolIo: S:0x0000049c IO:0x00539040 FUN:0x7601dfb0 WSASocketA:s:0x00000480 WSASocketW:s:0x000004a4 closesocket:s:0x000004a0 recv:s:0x00000488 Len:-1 closesocket:s:0x000004a8 StartThreadpoolIo:IO:0x00539040 CreateThreadpoolIo: S:0x00000480 IO:0x00539eb0 FUN:0x7601dfb0 WSASocketA:s:0x000004a4 WSASocketW:s:0x000004b0 WSASocketW:s:0x000004ac WSASocketW:s:0x000004a8 connectex:s:0x0000049c StartThreadpoolIo:IO:0x00539eb0 CreateThreadpoolIo: S:0x000004a4 IO:0x0053c870 FUN:0x7601dfb0 socket:s:0x000004b0 socket:s:0x000004ac WSASocketA:s:0x000004a8 MyPTPFun: IO:0x00539040 FUN:0x7601dfb0 WSASocketW:s:0x000004b4 CreateThreadpoolIo: S:0x000004a8 IO:0x0053cd80 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x0053c870 closesocket:s:0x000004b0 StartThreadpoolIo:IO:0x0053cd80 MyPTPFun: IO:0x00539eb0 FUN:0x7601dfb0 connectex:s:0x000004a8 MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0 connectex:s:0x00000480 MyPTPFun: IO:0x005383d8 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x00539eb0 recv:s:0x00000498 Len:-1 StartThreadpoolIo:IO:0x00539040 WSASocketW:s:0x000004b0 socket:s:0x000004b0 closesocket:s:0x000004b0 closesocket:s:0x000004ac WSASocketW:s:0x000004ac MyPTPFun: IO:0x0053cd80 FUN:0x7601dfb0 MyPTPFun: IO:0x0053c870 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x0052f7a8 socket:s:0x000004b4 connectex:s:0x000004a4 socket:s:0x000004ac StartThreadpoolIo:IO:0x0053cd80 WSARecv:s:0x00000448 Len:0 len:4096 WSASocketW:s:0x000004b0 closesocket:s:0x000004b4 StartThreadpoolIo:IO:0x0053c870 closesocket:s:0x000004ac CancelThreadpoolIo:IO:0x0052f7a8 socket:s:0x000004b0 closesocket:s:0x000004b0 WSASocketW:s:0x000004b0 WSASocketA:s:0x000004b0 CreateThreadpoolIo: S:0x000004b0 IO:0x0057c810 FUN:0x7601dfb0 WSASocketW:s:0x000004b4 WSASocketW:s:0x0000057c socket:s:0x0000057c socket:s:0x000004b4 StartThreadpoolIo:IO:0x0057c810 closesocket:s:0x0000057c closesocket:s:0x000004b4 connectex:s:0x000004b0 StartThreadpoolIo:IO:0x0052f7a8 WSARecv:s:0x00000448 Len:0 len:4096 CancelThreadpoolIo:IO:0x0052f7a8 WSASocketW:s:0x00000594 StartThreadpoolIo:IO:0x0052f7a8 socket:s:0x00000594 WSARecv:s:0x00000448 Len:0 len:4096 closesocket:s:0x00000594 CancelThreadpoolIo:IO:0x0052f7a8 StartThreadpoolIo:IO:0x0052f7a8 MyPTPFun: IO:0x0057c810 FUN:0x7601dfb0 WSARecv:s:0x00000448 Len:0 len:4096 StartThreadpoolIo:IO:0x0057c810 CancelThreadpoolIo:IO:0x0052f7a8 StartThreadpoolIo:IO:0x0052f7a8 WSARecv:s:0x00000448 Len:0 len:4096 CancelThreadpoolIo:IO:0x0052f7a8 StartThreadpoolIo:IO:0x0052f7a8 WSARecv:s:0x00000448 Len:0 len:4096 CancelThreadpoolIo:IO:0x0052f7a8 StartThreadpoolIo:IO:0x0052f7a8 WSARecv:s:0x00000448 Len:0 len:4096 CancelThreadpoolIo:IO:0x0052f7a8 recv:s:0x00000448 Len:-1 WSASend:s:0x0000049c Len:0 len:171 CancelThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x00539040 WSARecv:s:0x0000049c Len:0 len:1024 WSASend:s:0x000004a8 Len:0 len:170 CancelThreadpoolIo:IO:0x0053cd80 MyPTPFun: IO:0x00539040 FUN:0x7601dfb0 WSASend:s:0x00000480 Len:0 len:171 StartThreadpoolIo:IO:0x0053cd80 StartThreadpoolIo:IO:0x00539040 CancelThreadpoolIo:IO:0x00539eb0 WSARecv:s:0x000004a8 Len:0 len:1024 WSARecv:s:0x0000049c Len:0 len:94 CancelThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x00539eb0 StartThreadpoolIo:IO:0x00539040 WSARecv:s:0x00000480 Len:0 len:1024 WSARecv:s:0x0000049c Len:0 len:1024 CancelThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x00539040 MyPTPFun: IO:0x0053cd80 FUN:0x7601dfb0 WSARecv:s:0x0000049c Len:0 len:1024 CancelThreadpoolIo:IO:0x00539eb0 CancelThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x0053cd80 WSARecv:s:0x000004a8 Len:0 len:90 CancelThreadpoolIo:IO:0x0053cd80 StartThreadpoolIo:IO:0x0053cd80 WSARecv:s:0x000004a8 Len:0 len:1024 WSASend:s:0x000004a4 Len:0 len:171 StartThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x00539eb0 WSASend:s:0x0000049c Len:0 len:166 CancelThreadpoolIo:IO:0x0053cd80 CancelThreadpoolIo:IO:0x00539040 CancelThreadpoolIo:IO:0x0053c870 WSARecv:s:0x00000480 Len:0 len:94 StartThreadpoolIo:IO:0x0053cd80 StartThreadpoolIo:IO:0x00539040 StartThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004a4 Len:0 len:1024 WSARecv:s:0x0000049c Len:0 len:3072 CancelThreadpoolIo:IO:0x00539040 WSARecv:s:0x000004a8 Len:0 len:1024 WSASend:s:0x000004b0 Len:0 len:171 CancelThreadpoolIo:IO:0x0053cd80 CancelThreadpoolIo:IO:0x0053c870 CancelThreadpoolIo:IO:0x00539eb0 StartThreadpoolIo:IO:0x0053c870 StartThreadpoolIo:IO:0x00539eb0 WSARecv:s:0x00000480 Len:0 len:1024 WSARecv:s:0x000004a4 Len:0 len:94 CancelThreadpoolIo:IO:0x0053c870 CancelThreadpoolIo:IO:0x00539eb0 StartThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004a4 Len:0 len:1024 StartThreadpoolIo:IO:0x0053cd80 WSASend:s:0x000004a8 Len:0 len:358 CancelThreadpoolIo:IO:0x0053cd80 StartThreadpoolIo:IO:0x0053cd80 StartThreadpoolIo:IO:0x00539eb0 WSARecv:s:0x00000480 Len:0 len:1024 CancelThreadpoolIo:IO:0x00539eb0 CancelThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004a8 Len:0 len:3072 recv:s:0x0000043c Len:-1 CancelThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004a4 Len:0 len:1024 CancelThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004b0 Len:0 len:1024 CancelThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x0052f688 WSASend:s:0x0000043c Len:0 len:708 CancelThreadpoolIo:IO:0x0052f688 StartThreadpoolIo:IO:0x0057c810 WSARecv:s:0x000004b0 Len:0 len:90 CancelThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x0052f688 MyPTPFun: IO:0x0053cd80 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x0057c810 WSARecv:s:0x000004b0 Len:0 len:1024 CancelThreadpoolIo:IO:0x0057c810 WSARecv:s:0x0000043c Len:0 len:1024 StartThreadpoolIo:IO:0x0053c870 WSASend:s:0x000004a4 Len:0 len:166 StartThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x00539eb0 CancelThreadpoolIo:IO:0x0053c870 WSARecv:s:0x000004b0 Len:0 len:1024 WSASend:s:0x00000480 Len:0 len:166 CancelThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x0053c870 StartThreadpoolIo:IO:0x0057c810 WSARecv:s:0x000004a4 Len:0 len:3072 WSASend:s:0x000004b0 Len:0 len:358 CancelThreadpoolIo:IO:0x0053c870 CancelThreadpoolIo:IO:0x0057c810 CancelThreadpoolIo:IO:0x00539eb0 StartThreadpoolIo:IO:0x0057c810 StartThreadpoolIo:IO:0x00539eb0 WSARecv:s:0x00000480 Len:0 len:3072 CancelThreadpoolIo:IO:0x00539eb0 WSARecv:s:0x000004b0 Len:0 len:3072 CancelThreadpoolIo:IO:0x0057c810 recv:s:0x000004b0 Len:-1 recv:s:0x0000049c Len:-1 recv:s:0x000004a4 Len:-1 recv:s:0x00000480 Len:-1 recv:s:0x000004a8 Len:-1 MyPTPFun: IO:0x0052f688 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x0052f688 WSARecv:s:0x0000043c Len:0 len:4096 CancelThreadpoolIo:IO:0x0052f688 recv:s:0x0000043c Len:-1 recv:s:0x00000484 Len:-1 StartThreadpoolIo:IO:0x00536db8 WSASend:s:0x00000484 Len:0 len:721 CancelThreadpoolIo:IO:0x00536db8 StartThreadpoolIo:IO:0x00536db8 recv:s:0x00000464 Len:-1 WSARecv:s:0x00000484 Len:0 len:1024 recv:s:0x00000458 Len:-1 StartThreadpoolIo:IO:0x00527298 StartThreadpoolIo:IO:0x0050db40 recv:s:0x00000448 Len:-1 WSASend:s:0x00000464 Len:0 len:441 StartThreadpoolIo:IO:0x0052f7a8 CancelThreadpoolIo:IO:0x00527298 StartThreadpoolIo:IO:0x00527298 WSASend:s:0x00000448 Len:0 len:867 WSARecv:s:0x00000464 Len:0 len:1024 WSASend:s:0x00000458 Len:0 len:412 CancelThreadpoolIo:IO:0x0052f7a8 StartThreadpoolIo:IO:0x0052f7a8 MyPTPFun: IO:0x00536db8 FUN:0x7601dfb0 WSARecv:s:0x00000448 Len:0 len:1024 CancelThreadpoolIo:IO:0x0050db40 StartThreadpoolIo:IO:0x0050db40 MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0 shutdown:s:0x00000484 WSARecv:s:0x00000458 Len:0 len:1024 recv:s:0x00000448 Len:-1 closesocket:s:0x00000484 CancelThreadpoolIo:IO:0x0050db40 CloseThreadpoolIo:IO:0x00536db8 recv:s:0x00000458 Len:-1 MyPTPFun: IO:0x00527298 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x00527298 WSARecv:s:0x00000464 Len:0 len:4096 CancelThreadpoolIo:IO:0x00527298 shutdown:s:0x00000464 closesocket:s:0x00000464 CloseThreadpoolIo:IO:0x00527298 recv:s:0x00000494 Len:-1 StartThreadpoolIo:IO:0x00539168 WSASend:s:0x00000494 Len:0 len:405 CancelThreadpoolIo:IO:0x00539168 StartThreadpoolIo:IO:0x00539168 WSARecv:s:0x00000494 Len:0 len:1024 WSASocketW:s:0x0000047c socket:s:0x0000047c closesocket:s:0x0000047c WSASocketW:s:0x00000478 socket:s:0x00000478 closesocket:s:0x00000478 MyPTPFun: IO:0x00539168 FUN:0x7601dfb0 recv:s:0x00000494 Len:-1 WSASocketW:s:0x00000bb0 WSASocketW:s:0x00000bd4 socket:s:0x00000bb0 socket:s:0x00000bd4 closesocket:s:0x00000bb0 closesocket:s:0x00000bd4 WSASocketW:s:0x00000bd4 socket:s:0x00000bd4 closesocket:s:0x00000bd4 recv:s:0x00000498 Len:-1 StartThreadpoolIo:IO:0x005383d8 WSASend:s:0x00000498 Len:0 len:709 CancelThreadpoolIo:IO:0x005383d8 StartThreadpoolIo:IO:0x005383d8 WSARecv:s:0x00000498 Len:0 len:1024 MyPTPFun: IO:0x005383d8 FUN:0x7601dfb0 shutdown:s:0x00000498 closesocket:s:0x00000498 CloseThreadpoolIo:IO:0x005383d8 WSASocketW:s:0x00000b00 socket:s:0x00000b00 closesocket:s:0x00000b00 WSASocketW:s:0x000006f8 socket:s:0x000006f8 closesocket:s:0x000006f8

小辉001 2018-01-05

打赏
举报

未整理的： WSASocketW:s:0x00000274 WSASocketW:s:0x000002c8 WSASocketW:s:0x000002dc WSASocketW:s:0x0000037c socket:s:0x0000037c closesocket:s:0x0000037c WSASocketW:s:0x0000039c WSASocketW:s:0x000003a8 socket:s:0x000003a8 closesocket:s:0x000003a8 socket:s:0x000002c8 socket:s:0x000002dc WSASocketW:s:0x00000380 socket:s:0x00000380 WSASocketW:s:0x000003c0 socket:s:0x0000039c WSASocketW:s:0x000003b4 socket:s:0x00000274 WSASocketW:s:0x000003a8 socket:s:0x000003a8 closesocket:s:0x000003a8 WSASocketW:s:0x00000390 socket:s:0x00000390 closesocket:s:0x000002dc closesocket:s:0x00000274 WSASocketW:s:0x000002dc closesocket:s:0x0000039c socket:s:0x000003c0 closesocket:s:0x000002c8 socket:s:0x000002dc closesocket:s:0x000002dc closesocket:s:0x00000390 closesocket:s:0x00000380 WSASocketW:s:0x00000354 WSASocketW:s:0x0000039c closesocket:s:0x000003c0 socket:s:0x000003b4 WSASocketW:s:0x00000390 WSASocketW:s:0x00000380 socket:s:0x00000354 socket:s:0x0000039c closesocket:s:0x000003b4 socket:s:0x00000390 closesocket:s:0x00000390 closesocket:s:0x00000354 closesocket:s:0x0000039c WSASocketW:s:0x000003b4 socket:s:0x000003b4 closesocket:s:0x000003b4 WSASocketW:s:0x00000354 WSASocketW:s:0x00000424 socket:s:0x00000380 WSASocketW:s:0x000003c0 WSASocketW:s:0x0000042c WSASocketA:s:0x00000354 socket:s:0x00000424 closesocket:s:0x00000424 socket:s:0x000003c0 closesocket:s:0x000003c0 closesocket:s:0x00000380 socket:s:0x0000042c CreateThreadpoolIo: S:0x00000354 IO:0x004d8f48 FUN:0x7601dfb0 WSASocketW:s:0x0000043c WSASocketW:s:0x00000440 WSASocketW:s:0x00000448 closesocket:s:0x0000042c StartThreadpoolIo:IO:0x004d8f48 WSASocketA:s:0x0000043c WSASocketA:s:0x00000440 WSASocketA:s:0x00000448 WSASocketW:s:0x00000450 WSASocketW:s:0x0000042c connectex:s:0x00000354 CreateThreadpoolIo: S:0x0000043c IO:0x0052f688 FUN:0x7601dfb0 CreateThreadpoolIo: S:0x00000440 IO:0x0052f718 FUN:0x7601dfb0 CreateThreadpoolIo: S:0x00000448 IO:0x0052f7a8 FUN:0x7601dfb0 socket:s:0x00000450 socket:s:0x0000042c WSASocketW:s:0x00000458 WSASocketW:s:0x0000045c StartThreadpoolIo:IO:0x0052f688 StartThreadpoolIo:IO:0x0052f718 closesocket:s:0x00000450 StartThreadpoolIo:IO:0x0052f7a8 closesocket:s:0x0000042c socket:s:0x00000458 socket:s:0x0000045c connectex:s:0x0000043c connectex:s:0x00000440 MyPTPFun: IO:0x0052f688 FUN:0x7601dfb0 MyPTPFun: IO:0x004d8f48 FUN:0x7601dfb0 MyPTPFun: IO:0x0052f718 FUN:0x7601dfb0 recv:s:0x0000043c Len:-1 WSASocketW:s:0x00000468 recv:s:0x00000354 Len:-1 WSASocketW:s:0x0000042c closesocket:s:0x00000458 closesocket:s:0x0000045c WSASocketW:s:0x00000450 connectex:s:0x00000448 WSASocketW:s:0x00000464 recv:s:0x00000440 Len:-1 MyPTPFun: IO:0x0052f7a8 FUN:0x7601dfb0 socket:s:0x00000468 socket:s:0x0000042c WSASocketW:s:0x00000458 WSASocketW:s:0x0000045c socket:s:0x00000450 socket:s:0x00000464 StartThreadpoolIo:IO:0x0052f7a8 closesocket:s:0x00000468 closesocket:s:0x0000042c socket:s:0x00000458 socket:s:0x0000045c closesocket:s:0x00000450 closesocket:s:0x00000464 WSASend:s:0x00000448 Len:0 len:770 WSASocketW:s:0x00000468 closesocket:s:0x00000458 closesocket:s:0x0000045c WSASocketW:s:0x00000450 socket:s:0x00000450 CancelThreadpoolIo:IO:0x0052f7a8 socket:s:0x00000468 WSASocketW:s:0x00000458 WSASocketW:s:0x0000042c WSASocketW:s:0x0000045c WSASocketW:s:0x00000464 socket:s:0x00000464 StartThreadpoolIo:IO:0x0052f7a8 closesocket:s:0x00000468 WSARecv:s:0x00000448 Len:0 len:1024 closesocket:s:0x00000464 socket:s:0x0000042c socket:s:0x00000458 socket:s:0x0000045c closesocket:s:0x00000450 WSASocketW:s:0x00000468 closesocket:s:0x0000042c closesocket:s:0x00000458 WSASocketW:s:0x00000458 WSASocketW:s:0x00000450 socket:s:0x00000468 WSASocketW:s:0x0000042c closesocket:s:0x0000045c WSASocketA:s:0x00000458 WSASocketW:s:0x00000464 socket:s:0x00000450 closesocket:s:0x00000468 WSASocketA:s:0x0000042c CreateThreadpoolIo: S:0x00000458 IO:0x0050db40 FUN:0x7601dfb0 socket:s:0x00000464 closesocket:s:0x00000464 WSASocketW:s:0x00000468 WSASocketW:s:0x0000045c CreateThreadpoolIo: S:0x0000042c IO:0x00533ee0 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x0050db40 closesocket:s:0x00000450 WSASocketW:s:0x00000464 socket:s:0x00000468 closesocket:s:0x00000468 StartThreadpoolIo:IO:0x00533ee0 connectex:s:0x00000458 WSASocketW:s:0x00000450 WSASocketA:s:0x00000464 socket:s:0x0000045c WSASocketW:s:0x00000468 connectex:s:0x0000042c WSASocketW:s:0x00000480 WSASocketA:s:0x00000450 CreateThreadpoolIo: S:0x00000464 IO:0x00527298 FUN:0x7601dfb0 closesocket:s:0x0000045c socket:s:0x00000468 MyPTPFun: IO:0x0050db40 FUN:0x7601dfb0 WSASocketW:s:0x00000484 MyPTPFun: IO:0x00533ee0 FUN:0x7601dfb0 socket:s:0x00000480 CreateThreadpoolIo: S:0x00000450 IO:0x00534e38 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x00527298 WSASocketW:s:0x0000045c closesocket:s:0x00000468 recv:s:0x00000458 Len:-1 socket:s:0x00000484 recv:s:0x0000042c Len:-1 closesocket:s:0x00000480 StartThreadpoolIo:IO:0x00534e38 connectex:s:0x00000464 WSASocketA:s:0x0000045c WSASocketW:s:0x00000468 closesocket:s:0x00000484 WSASocketW:s:0x00000480 connectex:s:0x00000450 WSASocketW:s:0x00000488 CreateThreadpoolIo: S:0x0000045c IO:0x00535390 FUN:0x7601dfb0 socket:s:0x00000468 WSASocketW:s:0x00000484 socket:s:0x00000480 MyPTPFun: IO:0x00527298 FUN:0x7601dfb0 WSASocketW:s:0x0000048c MyPTPFun: IO:0x00534e38 FUN:0x7601dfb0 socket:s:0x00000488 StartThreadpoolIo:IO:0x00535390 closesocket:s:0x00000468 socket:s:0x00000484 closesocket:s:0x00000480 recv:s:0x00000464 Len:-1 socket:s:0x0000048c recv:s:0x00000450 Len:-1 closesocket:s:0x00000488 connectex:s:0x0000045c WSASocketW:s:0x00000468 WSASocketA:s:0x00000468 WSASocketW:s:0x00000490 closesocket:s:0x0000048c WSASocketW:s:0x00000488 WSASocketW:s:0x00000480 MyPTPFun: IO:0x00535390 FUN:0x7601dfb0 closesocket:s:0x00000484 CreateThreadpoolIo: S:0x00000468 IO:0x005315f8 FUN:0x7601dfb0 socket:s:0x00000490 WSASocketW:s:0x0000048c socket:s:0x00000488 socket:s:0x00000480 recv:s:0x0000045c Len:-1 WSASocketW:s:0x00000484 StartThreadpoolIo:IO:0x005315f8 closesocket:s:0x00000490 socket:s:0x0000048c closesocket:s:0x00000488 closesocket:s:0x00000480 socket:s:0x00000484 connectex:s:0x00000468 WSASocketW:s:0x00000490 closesocket:s:0x0000048c WSASocketW:s:0x00000488 WSASocketW:s:0x00000480 closesocket:s:0x00000484 WSASocketW:s:0x00000494 WSASocketA:s:0x00000490 WSASocketW:s:0x0000048c socket:s:0x00000488 socket:s:0x00000480 WSASocketW:s:0x00000484 socket:s:0x00000494 CreateThreadpoolIo: S:0x00000490 IO:0x00534d10 FUN:0x7601dfb0 socket:s:0x0000048c closesocket:s:0x00000488 closesocket:s:0x00000480 WSASocketA:s:0x00000484 closesocket:s:0x00000494 WSASocketW:s:0x00000494 socket:s:0x00000494 closesocket:s:0x00000494 CreateThreadpoolIo: S:0x00000484 IO:0x00536db8 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x00534d10 closesocket:s:0x0000048c WSASocketW:s:0x00000488 MyPTPFun: IO:0x005315f8 FUN:0x7601dfb0 WSASocketW:s:0x00000494 socket:s:0x00000494 connectex:s:0x00000490 WSASocketW:s:0x0000048c WSASocketA:s:0x00000488 recv:s:0x00000468 Len:-1 StartThreadpoolIo:IO:0x00536db8 WSASocketW:s:0x00000480 closesocket:s:0x00000494 MyPTPFun: IO:0x00534d10 FUN:0x7601dfb0 WSASocketW:s:0x00000498 WSASocketA:s:0x0000048c CreateThreadpoolIo: S:0x00000488 IO:0x00537728 FUN:0x7601dfb0 connectex:s:0x00000484 socket:s:0x00000480 WSASocketW:s:0x00000494 recv:s:0x00000490 Len:-1 socket:s:0x00000498 CreateThreadpoolIo: S:0x0000048c IO:0x00531690 FUN:0x7601dfb0 StartThreadpoolIo:IO:0x00537728 WSASocketW:s:0x0000049c closesocket:s:0x00000480 WSASocketA:s:0x00000494 closesocket:s:0x00000498 StartThreadpoolIo:IO:0x00531690 connectex:s:0x00000488 socket:s:0x0000049c WSASocketW:s:0x00000480 CreateThreadpoolIo: S:0x00000494 IO:0x00539168 FUN:0x7601dfb0 WSASocketW:s:0x00000498 connectex:s:0x0000048c WSASocketW:s:0x000004a0 MyPTPFun: IO:0x00536db8 FUN:0x7601dfb0 closesocket:s:0x0000049c socket:s:0x00000480 StartThreadpoolIo:IO:0x00539168 socket:s:0x00000498 WSASocketW:s:0x000004a4 socket:s:0x000004a0 recv:s:0x00000484 Len:-1 WSASocketW:s:0x0000049c closesocket:s:0x00000480 connectex:s:0x00000494 closesocket:s:0x00000498 socket:s:0x000004a4 closesocket:s:0x000004a0 socket:s:0x0000049c MyPTPFun: IO:0x00531690 FUN:0x7601dfb0 MyPTPFun: IO:0x00537728 FUN:0x7601dfb0 WSASocketW:s:0x00000480 WSASocketW:s:0x000004a8 closesocket:s:0x000004a4 WSASocketW:s:0x000004a0 closesocket:s:0x0000049c recv:s:0x0000048c Len:-1 recv:s:0x00000488 Len:-1