15,471
社区成员
发帖
与我相关
我的任务
分享hook IE 的send recv函数
各位大神,求助啊!
我现在要hook ie的send和recv函数,想把网页的内容拿下来,dll已经写好了,还写了个将它注入IE的程序,通过IceWorld查看也证明这个Dll也成功的注入IE了,但是我自己的MySend函数不起作用,不知道是为什么。希望有经验的大神们帮忙看看吧。谢啦!
// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "stdafx.h"
#include <WinSock.h>
#include <stdio.h>
#include "detours.h"
#pragma comment(lib, "ws2_32.lib")
#pragma comment (lib,"detours.lib")
#pragma comment (lib,"detoured.lib")
int (WINAPI *pSend)(SOCKET s, const char* buf,int len, int flags) = send;
int WINAPI MySend(SOCKET s, const char* buf,int len, int flags);
int (WINAPI *pRecv)(SOCKET s, __out_bcount_part(len, return) __out_data_source(NETWORK) char* buf,int len, int flags) = recv;
int WINAPI MyRecv(SOCKET s, __out_bcount_part(len, return) __out_data_source(NETWORK) char* buf,int len, int flag);
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags)
{
FILE *pSendLogFile;
fopen_s(&pSendLogFile, "C: \\SendLog.txt", "a+");
fprintf(pSendLogFile, "%s\n", buf);
MessageBox(NULL,"Error!send","Error in Detours!",MB_OK);
fclose(pSendLogFile);
return pSend(s, buf, len, flags);
}
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags)
{
FILE *pRecvLogFile;
fopen_s(&pRecvLogFile, "C: \\RecvLog.txt", "a+");
fprintf(pRecvLogFile, "%s\n", buf);
MessageBox(NULL,"Error!recv","Error in Detours!",MB_OK);
fclose(pRecvLogFile);
return pRecv(s, buf, len, flags);
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
int error;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls(hModule);
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
break;
; }
return TRUE;
}
我现在要hook ie的send和recv函数,想把网页的内容拿下来,dll已经写好了,还写了个将它注入IE的程序,通过IceWorld查看也证明这个Dll也成功的注入IE了,但是我自己的MySend函数不起作用,不知道是为什么。希望有经验的大神们帮忙看看吧。谢啦!
// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "stdafx.h"
#include <WinSock.h>
#include <stdio.h>
#include "detours.h"
#pragma comment(lib, "ws2_32.lib")
#pragma comment (lib,"detours.lib")
#pragma comment (lib,"detoured.lib")
int (WINAPI *pSend)(SOCKET s, const char* buf,int len, int flags) = send;
int WINAPI MySend(SOCKET s, const char* buf,int len, int flags);
int (WINAPI *pRecv)(SOCKET s, __out_bcount_part(len, return) __out_data_source(NETWORK) char* buf,int len, int flags) = recv;
int WINAPI MyRecv(SOCKET s, __out_bcount_part(len, return) __out_data_source(NETWORK) char* buf,int len, int flag);
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags)
{
FILE *pSendLogFile;
fopen_s(&pSendLogFile, "C: \\SendLog.txt", "a+");
fprintf(pSendLogFile, "%s\n", buf);
MessageBox(NULL,"Error!send","Error in Detours!",MB_OK);
fclose(pSendLogFile);
return pSend(s, buf, len, flags);
}
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags)
{
FILE *pRecvLogFile;
fopen_s(&pRecvLogFile, "C: \\RecvLog.txt", "a+");
fprintf(pRecvLogFile, "%s\n", buf);
MessageBox(NULL,"Error!recv","Error in Detours!",MB_OK);
fclose(pRecvLogFile);
return pRecv(s, buf, len, flags);
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
int error;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls(hModule);
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
break;
; }
return TRUE;
}
...全文
请发表友善的回复…
发表回复
sunlin7 2010-05-05
- 打赏
- 举报
send是同步的网络函数。IE应该用的是异步的版本的网络函数。
maxch1225 2010-05-01
- 打赏
- 举报
//傻帽,IE没接口吗!
weixd989 2010-04-25
- 打赏
- 举报
你应该是没有hook到IE调用的send
尹成 2010-04-22
- 打赏
- 举报
hook winsock不如hook wininet
wzxjerry 2010-04-22
- 打赏
- 举报
谢谢vcTiro呀!!!我来按你的意见试一下
。期盼我成功吧!!!哈哈…………
。期盼我成功吧!!!哈哈…………
vcTiro 2010-04-22
- 打赏
- 举报
参考一下这篇博文:
http://blog.csdn.net/vcPlayer/archive/2008/07/20/2681758.aspx
貌似你还少了一个导出函数.
http://blog.csdn.net/vcPlayer/archive/2008/07/20/2681758.aspx
貌似你还少了一个导出函数.
vcTiro 2010-04-22
- 打赏
- 举报
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
int error;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls(hModule);
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
break;
; }
return TRUE;
}
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
int error;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls(hModule);
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
DetourTransactionBegin();
DetourUpdateThread(::GetCurrentThread());
DetourAttach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
if(NO_ERROR!=error)
{
MessageBox(NULL,"Error!","Error in Detours!",MB_OK);
}
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pSend, MySend);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)pRecv, MyRecv);
error = DetourTransactionCommit();
MessageBox(NULL,"Detour ends","Prompt!",MB_OK);
break;
; }
return TRUE;
}
sgzwiz 2010-04-22
- 打赏
- 举报
用od调试下,不就知道了
yushiqiang1688 2010-04-22
- 打赏
- 举报
hook wininet
mcaok 2010-04-22
- 打赏
- 举报
COM接口。
wzxjerry 2010-04-22
- 打赏
- 举报
我现在有个猜测就是,IE接受信息的时候可能用的不是Recv这个函数。所以没有hook成功。或者是我代码写错了呢?盼望大神指出我的错误呀。
Vector_fz 2010-04-22
- 打赏
- 举报
应当没有hook成功
wzxjerry 2010-04-22
- 打赏
- 举报
楼上的都说得很对。可是我现在做到这里了,不想半途而废呀,而且最关键的是,现在不解决这个问题心里很郁闷呀!!呵呵…………各位大侠还是指出我的错误吧。我再来尝试hook wininet。不解决这个问题,兄弟我寝食难安呀!!~~~~(>_<)~~~~
wzxjerry 2010-04-21
- 打赏
- 举报
小弟刚学,嘿嘿…………慢慢尝试呗。
prodiving 2010-04-21
- 打赏
- 举报
做的太低层了吧你, hook winsock不如hook wininet
拿网页的数据貌似也可以通过 ie的那些COM接口,
拿网页的数据貌似也可以通过 ie的那些COM接口,
