|
|
[求助]Delphi Hook inet_addr 为何无效
这个也无效。郁闷 unit APIHook;
interface
uses
SysUtils,
Windows, WinSock,idWinSock2;
type
int=integer;
lpfn_WSACONNECT = function ( const s : TSocket; const name : PSockAddr; const namelen : Integer; lpCallerData,lpCalleeData : LPWSABUF; lpSQOS,lpGQOS : LPQOS ) : Integer; stdcall;
PJmpCodeWSACONNECT = ^TJmpCodeWSACONNECT;
TJmpCodeWSACONNECT = packed record
JmpCode: BYTE;
Address: lpfn_WSACONNECT;
MovEAX: Array [0..2] of BYTE;
end;
//--------------------函数声明---------------------------
procedure HookAPI;
procedure UnHookAPI;
var
OldWSAConnect: lpfn_WSACONNECT; //原来的API地址
JmpCodeWSACONNECT: TJmpCodeWSACONNECT;
OldProcWSACONNECT:TJmpCodeWSACONNECT;
AddWSAConnect: pointer;
ProcessHandle: THandle;
implementation
{---------------------------------------}
{函数功能:Recv函数的HOOK
{函数参数:同Recv
{函数返回值:integer
{---------------------------------------}
function MyWSAConnect( const s : TSocket; const name : PSockAddr; const namelen : Integer; lpCallerData,lpCalleeData : LPWSABUF; lpSQOS,lpGQOS : LPQOS ) : Integer; stdcall;
var
dwSize: cardinal;
port:word;
begin
WriteProcessMemory(ProcessHandle, AddWSAConnect, @OldProcWSAConnect, 8, dwSize);
port:=ntohs(name^.sin_port);
if (port=80) then
begin
ShowMessage('OK');
name^.sin_addr.S_addr:=inet_Addr('127.0.0.1');
end;
Result := OldWSAConnect(S,name, namelen, lpCallerData,lpCalleeData, lpSQOS,lpGQOS );
JmpCodeWSACONNECT.Address := @MyWSAConnect;
WriteProcessMemory(ProcessHandle, AddWSAConnect, @JmpCodeWSAConnect, 8, dwSize);
end;
{------------------------------------}
{过程功能:HookAPI
{过程参数:无
{------------------------------------}
procedure HookAPI;
var
DLLModule: THandle;
dwSize: cardinal;
begin
ProcessHandle := GetCurrentProcess;
DLLModule := LoadLibrary('ws2_32.dll');
AddWSAConnect := GetProcAddress(DLLModule, 'WSAConnect');
ShowMessage('Hooked');
JmpCodeWSACONNECT.JmpCode := $B8;
JmpCodeWSACONNECT.MovEAX[0] := $FF;
JmpCodeWSACONNECT.MovEAX[1] := $E0;
JmpCodeWSACONNECT.MovEAX[2] := 0;
ReadProcessMemory(ProcessHandle, AddWSAConnect, @OldProcWSACONNECT, 8, dwSize);
JmpCodeWSACONNECT.Address := @MyWSAConnect;
WriteProcessMemory(ProcessHandle, AddWSAConnect, @JmpCodeWSACONNECT, 8, dwSize); //修改WSAConnect入口
OldWSAConnect := AddWSAConnect;
end;
{------------------------------------}
{过程功能:取消HOOKAPI
{过程参数:无
{------------------------------------}
procedure UnHookAPI;
var
dwSize: Cardinal;
begin
WriteProcessMemory(ProcessHandle, AddWSAConnect, @OldProcWSAConnect, 8, dwSize);
end;
end.
|
|
|
[原创]Hook Api Library 0.2[Ring0]& LDE32引擎[Ring0] For Delphi
好像 XP 以上版本都不行了。我在XP 测试的 DLL 正常。但是到 2003 上就不行了 |
|
|
[原创]用OD手脱 Armadillo v4.40 DLL壳 (动画)
不邋。很NB的克 |
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
勋章
兑换勋章
证书
证书查询 >
能力值
