EMO Style ForumPro - Hos Geldiniz
Giriş yap

Şifremi unuttum

Istatistikler
Toplam 202 kayıtlı kullanıcımız var
Son kaydolan kullanıcımız: AnthonyFurey3

Kullanıcılarımız toplam 1186 mesaj attılar bunda 862 konu
Tarıyıcı
 Kapı
 Indeks
 Üye Listesi
 Profil
 SSS
 Arama
Arama
 
 

Sonuç :
 


Rechercher çıkıntı araştırma

RSS akısı


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Kimler hatta?
Toplam 4 kullanıcı online :: 0 Kayıtlı, 0 Gizli ve 4 Misafir :: 1 Arama motorları

Yok

[ Bütün listeye bak ]


Sitede bugüne kadar en çok 92 kişi Paz Ağus. 28, 2016 6:58 am tarihinde online oldu.
En son konular
» İnternetten Para Kazandıran Oyun ! Ödeme Alt Limiti Yok ! DEV KONU
Cuma Ağus. 29, 2014 8:33 am tarafından Hello EMO

» goldenchase.net maden yaparak para kazanma
Cuma Ağus. 29, 2014 8:18 am tarafından Hello EMO

» etichal hacker görsel egitim seti
Çarş. Ağus. 06, 2014 4:57 am tarafından Hello EMO

» KO TBL Source C#
Ptsi Ara. 09, 2013 6:36 am tarafından Hello EMO

» x86 Registers
C.tesi Ağus. 24, 2013 5:02 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de WYD
Çarş. Tem. 10, 2013 7:25 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de CS Metodo²
Çarş. Tem. 10, 2013 7:23 am tarafından Hello EMO

» [Tutorial] Aprendendo basico deASM OLLYDBG
Çarş. Tem. 10, 2013 7:22 am tarafından Hello EMO

» Basic C# DLL injector
Ptsi Tem. 08, 2013 7:48 am tarafından Hello EMO

Reklam

C++ Detour Trampoline (send/recv)

Önceki başlık Sonraki başlık Aşağa gitmek

C++ Detour Trampoline (send/recv)

Mesaj tarafından EMO Bir C.tesi Nis. 07, 2012 7:50 am

C++ Detour Trampoline (send/recv)

It’s time for a new code-snippet to be posted. It’s about detouring!



Let’s see what Wikipedia has to say about detouring.

Kod:
Source: Wikipedia
In computer programming, the term detouring covers a range of techniques used to alter or augment the behavior of an operating system, of applications, or of other software components by intercepting function calls or messages or events passed between software components. Code that handles such intercepted function calls, events or messages is called a “detour”.

Detouring is used for many purposes, including debugging and extending functionality. Examples might include intercepting keyboard or mouse event messages before they reach an application, or intercepting operating system calls in order to monitor behavior or modify the function of an application or other component.

Detouring can also be used by malicious code. For example, rootkits, pieces of software that try to make themselves invisible by faking the output of API calls that would otherwise reveal their existence, often use detouring techniques. A wallhack is another example of malicious behavior that can stem from detouring techniques. It is done by intercepting function calls in a computer game and altering what is shown to the player to allow them to gain an unfair advantage over other players.

In this example the following functions are hooked ‘send’ and ‘recv’. Let’s see what MSDN has to say about these functions.

Kod:
The send function sends data on a connected socket.
int send(
__in  SOCKET s,
__in  const char *buf,
__in  int len,
__in  int flags
);

Kod:
The recv function receives data from a connected socket or a bound connectionless socket.
int recv(
__in  SOCKET s,
__out  char *buf,
__in  int len,
__in  int flags
);

The ‘detour trampoline’ function is mainly used to hook regular functions, if you would want to hook addresses then your best option is to use ‘DetourAttach()’. And that’s pretty much everything I have to say about detouring. There is a source and a compiled library available at the bottom at this post. Currently what this ‘hook/detour’ does is that it shows a MessageBox with the information buffer of the function, and then it continues as if nothing happened. You can always modify the source and make it filter/replace specific information, but you can also make it write all the information to a file.

Source: http://skilinium.com/blog/downloads/Win32DetourSocket.CPP
Binary: http://skilinium.com/blog/downloads/Win32DetourSocket.dll
avatar
EMO
EMO Team
EMO Team

Cinsiyet : Erkek
Burçlar : Yay
Yılan
Mesaj Sayısı : 184
Puan : 107693
Rep Puanı : 5
Doğum tarihi : 28/11/89
Kayıt tarihi : 18/05/11
Yaş : 27
Nerden : EMO world
İş/Hobiler : RCE Student / Game Hacking / Learn Beginner C#,C++,Delphi
Lakap : EMO

Kullanıcı profilini gör

Sayfa başına dön Aşağa gitmek

Önceki başlık Sonraki başlık Sayfa başına dön


 
Bu forumun müsaadesi var:
Bu forumdaki mesajlara cevap veremezsiniz