Buszując po necie, znalazłem coś takiego:
[code]
/* Function pointer used by GetProcAddressHook to reach the real GetProcAddress.
 * HookFuncs() hands its address to HookFunction(); presumably HookFunction stores
 * the original entry point here (its implementation is not on this page). */
FARPROC (WINAPI *GetProcAddressOriginal)(HMODULE hModule, LPCSTR lpProcName);
/* Replacement that HookFuncs() registers for GetProcAddress. */
FARPROC __stdcall GetProcAddressHook(HMODULE hModule, LPCSTR lpProcName);
/* Function pointer through which gsend forwards to the original send routine. */
int (WINAPI *osend)(SOCKET s, const char *buf, int len, int flags);
/* Replacement that HookFuncs() registers for the send routine; logs the buffer. */
int __stdcall gsend(SOCKET s, const char *buf, int len, int flags);
/* Function pointer through which grecv forwards to the original recv routine.
 * NOTE(review): Winsock declares recv with a writable `char *buf`; the const
 * qualifier here and on grecv does not match that prototype. */
int (WINAPI *orecv)(SOCKET s, const char *buf, int len, int flags);
/* Replacement that HookFuncs() registers for the recv routine; logs the buffer. */
int __stdcall grecv(SOCKET s, const char *buf, int len, int flags);
/*
 * Stand-in for GetProcAddress.
 *
 * The lookup is always forwarded to the original routine first. When the
 * requested symbol is given by name, the name is logged; a lookup of
 * "GetProcAddress" itself is answered with this hook's own address so that
 * callers resolving it dynamically still end up here.
 *
 * hModule     module handle passed through untouched
 * lpProcName  symbol name, or an ordinal packed into the low word
 *
 * Returns the address produced by the original routine, except for
 * "GetProcAddress", where the hook's address is returned instead.
 */
FARPROC __stdcall GetProcAddressHook(HMODULE hModule, LPCSTR lpProcName)
{
    FARPROC resolved = GetProcAddressOriginal(hModule, lpProcName);

    /* A zero high word means an ordinal was passed, not a string pointer,
     * so there is no name to log or compare. */
    if (!HIWORD(lpProcName)) {
        return resolved;
    }

    WriteLog("%s Detected!\n", lpProcName);

    if (strcmp(lpProcName, "GetProcAddress") != 0) {
        return resolved;
    }

    WriteLog("%s Hooked!\n", lpProcName);
    return (FARPROC)GetProcAddressHook;
}
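/*
 * Stand-in for the Winsock send routine registered by HookFuncs().
 *
 * Forwards the call unchanged through osend and then writes the outgoing
 * buffer to the log.
 *
 * s, buf, len, flags  passed straight through to the original routine
 *
 * Returns exactly what the original routine returned.
 *
 * NOTE(review): the log receives application payloads as-is, which can
 * include credentials or session tokens; handle the log file as sensitive data.
 */
int __stdcall gsend(SOCKET s, const char *buf, int len, int flags)
{
    int ret = osend(s, buf, len, flags);

    /* buf is a byte range of len bytes, not a NUL-terminated string. A bare
     * "%s" would keep reading past the end of the caller's buffer, so the
     * read is bounded with a precision. Output still stops at the first NUL
     * byte, so binary payloads are logged only partially.
     * Assumes WriteLog forwards to a printf-family formatter (it is already
     * called with "%s" elsewhere) - TODO confirm it honours "%.*s". */
    int shown = (buf != NULL && len > 0) ? len : 0;

    WriteLog("Send: %.*s\n", shown, shown > 0 ? buf : "");
    return ret;
}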
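/*
 * Stand-in for the Winsock recv routine registered by HookFuncs().
 *
 * Forwards the call unchanged through orecv and then writes the received
 * bytes to the log.
 *
 * s, buf, len, flags  passed straight through to the original routine
 *
 * Returns exactly what the original routine returned.
 *
 * NOTE(review): the log receives application payloads as-is, which can
 * include credentials or session tokens; handle the log file as sensitive data.
 */
int __stdcall grecv(SOCKET s, const char *buf, int len, int flags)
{
    int ret = orecv(s, buf, len, flags);

    /* Only the first ret bytes of buf were filled in, and nothing was filled
     * in when ret <= 0 (connection closed or error). A bare "%s" would log
     * stale memory and could read past the buffer, so the read is bounded by
     * the received byte count. Output still stops at the first NUL byte.
     * Assumes WriteLog forwards to a printf-family formatter (it is already
     * called with "%s" elsewhere) - TODO confirm it honours "%.*s". */
    int shown = (buf != NULL && ret > 0) ? ret : 0;

    WriteLog("Recv: %.*s\n", shown, shown > 0 ? buf : "");
    return ret;
}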
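/*
 * Registers the three replacements (GetProcAddressHook, gsend, grecv) with
 * HookFunction() for the main module of the current process.
 *
 * The Winsock routines are looked up in WS2_32.DLL by ordinal (19 and 16,
 * taken to be send and recv per the variable names) before GetProcAddress
 * itself is redirected.
 *
 * NOTE(review): HookFunction is not shown on this page; its return value, if
 * any, is therefore not checked here. The (DWORD) casts assume 32-bit
 * pointers and would truncate addresses in a 64-bit build.
 */
void HookFuncs()
{
    HMODULE self = GetModuleHandle(0);
    HMODULE winsock = GetModuleHandle("WS2_32.DLL");
    FARPROC sendproc = NULL;
    FARPROC recvproc = NULL;

    /* GetModuleHandle returns NULL when the DLL is not loaded in the process;
     * the lookups are skipped in that case and the condition is logged. */
    if (winsock != NULL) {
        sendproc = GetProcAddress(winsock, (const char *)19);
        recvproc = GetProcAddress(winsock, (const char *)16);
    } else {
        WriteLog("WS2_32.DLL not loaded, send/recv not hooked\n");
    }

    HookFunction(self, (DWORD)GetProcAddress, (DWORD)GetProcAddressHook, (void **)&GetProcAddressOriginal);

    /* A failed lookup must not be handed on as a null target address. */
    if (sendproc != NULL) {
        HookFunction(self, (DWORD)sendproc, (DWORD)gsend, (void **)&osend);
    }
    if (recvproc != NULL) {
        HookFunction(self, (DWORD)recvproc, (DWORD)grecv, (void **)&orecv);
    }
}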
/*
 * DLL entry point.
 *
 * On process attach it writes a log line and calls HookFuncs(); on process
 * detach it writes a log line. Thread attach/detach notifications are ignored.
 * Always reports success.
 *
 * NOTE(review): the documented entry-point signature returns BOOL, not bool.
 * NOTE(review): this runs while the loader lock is held, so WriteLog and
 * HookFuncs need to stay within what is safe inside DllMain - confirm.
 * NOTE(review): nothing is undone on detach; whether HookFunction's changes
 * must be reverted before unload cannot be told from this page.
 */
bool WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID _Reserved)
{
    if (dwReason == DLL_PROCESS_ATTACH) {
        WriteLog("Hooking DLL Loaded\n");
        HookFuncs();
    } else if (dwReason == DLL_PROCESS_DETACH) {
        WriteLog("Hooking DLL Unloaded\n");
    }

    return true;
}
[/code]
I wszystko byłoby pięknie, gdyby nie to, że nie ma najważniejszego :D
Może orientuje się ktoś, skąd wziąć resztę?