Hooking


boever
March 25th, 2009, 05:55 PM
Hi all,

I am trying to hook WSASend and WSARecv.
I wrote a Windows Forms app in managed C++.

So how can I now give information to my GUI?

Here is my BvrHook code ... it has 77 errors :')
// BvrHook.cpp : injectable .dll

#include "stdafx.h"
// winsock2.h must come before windows.h; if stdafx.h already pulls in
// <windows.h>, define WIN32_LEAN_AND_MEAN there to avoid redefinition errors.
#include <winsock2.h>
#include <windows.h>
#include <detours.h>
#include "Form1.h"

using namespace Bvr;

// Pointers to the original functions. They need their own names so they do
// not clash with the Winsock declarations; Detours redirects them to the
// trampolines when the hooks are attached.
static int (WINAPI *Real_WSASend)(SOCKET, LPWSABUF, DWORD, LPDWORD, DWORD, LPWSAOVERLAPPED,
    LPWSAOVERLAPPED_COMPLETION_ROUTINE) = WSASend;

int WINAPI MyWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesSent,
    DWORD dwFlags, LPWSAOVERLAPPED lpOverlapped,
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);

static int (WINAPI *Real_WSARecv)(SOCKET, LPWSABUF, DWORD, LPDWORD, LPDWORD,
    LPWSAOVERLAPPED, LPWSAOVERLAPPED_COMPLETION_ROUTINE) = WSARecv;

int WINAPI MyWSARecv(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesRecvd,
    LPDWORD lpFlags, LPWSAOVERLAPPED lpOverlapped,
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);

// Declared before its first use in MyWSASend.
void printInGui(LPWSABUF lpBuffers);


BOOL APIENTRY DllMain(HMODULE hDLL, DWORD Reason, LPVOID Reserved)
{
    switch (Reason)
    {
    case DLL_PROCESS_ATTACH:
        DisableThreadLibraryCalls(hDLL);
        DetourTransactionBegin();
        DetourUpdateThread(GetCurrentThread());
        DetourAttach(&(PVOID&)Real_WSASend, MyWSASend);

        if (DetourTransactionCommit() == NO_ERROR)
            OutputDebugStringA("send() detoured successfully");

        DetourTransactionBegin();
        DetourUpdateThread(GetCurrentThread());
        DetourAttach(&(PVOID&)Real_WSARecv, MyWSARecv);
        if (DetourTransactionCommit() == NO_ERROR)
            OutputDebugStringA("recv() detoured successfully");
        break;

    case DLL_PROCESS_DETACH:
        // Remove both hooks that were attached above.
        DetourTransactionBegin();
        DetourUpdateThread(GetCurrentThread());
        DetourDetach(&(PVOID&)Real_WSASend, MyWSASend);
        DetourDetach(&(PVOID&)Real_WSARecv, MyWSARecv);
        DetourTransactionCommit();
        break;

    case DLL_THREAD_ATTACH:
    case DLL_THREAD_DETACH:
        break;
    }
    return TRUE;
}


int WINAPI MyWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesSent,
    DWORD dwFlags, LPWSAOVERLAPPED lpOverlapped,
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
    printInGui(lpBuffers);
    // Forward to the original WSASend through the trampoline pointer.
    return Real_WSASend(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent,
        dwFlags, lpOverlapped, lpCompletionRoutine);
}


int WINAPI MyWSARecv(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesRecvd,
    LPDWORD lpFlags, LPWSAOVERLAPPED lpOverlapped,
    LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
    // Forward to the original WSARecv through the trampoline pointer.
    return Real_WSARecv(s, lpBuffers, dwBufferCount, lpNumberOfBytesRecvd,
        lpFlags, lpOverlapped, lpCompletionRoutine);
}

void printInGui(LPWSABUF lpBuffers)
{
    //HOW DO I GIVE lpBUFFERS TO MY APP TO WORK WITH?
}



Thanks in advance.

cilu
March 26th, 2009, 02:45 AM
First, your printInGui() should take a second argument representing the size of the buffer (dwBufferCount). Otherwise you wouldn't know how big the buffer was.

Second, I think the data in lpBuffers should also be const, because this function, printInGui, is not supposed to modify it.

HOW DO I GIVE lpBUFFERS TO MY APP TO WORK WITH?
I don't understand this question. You have the buffer, pass it to the functions that need to do something with it.
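An added example, not part of either post: in the Winsock API, `lpBuffers` points to an array of `WSABUF` entries, `dwBufferCount` is the number of entries in that array, and each entry carries its own `len`, so any code that displays the data has to walk the array and bound every copy. The helper name `FlattenBuffers`, its `limit` and `maxBytes` parameters, and the non-Windows stand-in struct are assumptions made for this sketch.

```cpp
#include <cstddef>
#include <cstring>
#include <vector>

#ifdef _WIN32
#include <winsock2.h>
#else
// Stand-in for Winsock's WSABUF so the example also builds off Windows.
struct WSABUF { unsigned long len; char* buf; };
typedef WSABUF* LPWSABUF;
typedef unsigned long DWORD;
#endif

// Hypothetical helper: copies the scatter/gather array into one contiguous
// vector. `limit` is the number of valid bytes overall (for a completed
// receive, the value written to lpNumberOfBytesRecvd); `maxBytes` caps how
// much is ever copied, so an oversized or bogus len cannot exhaust memory.
std::vector<char> FlattenBuffers(const WSABUF* bufs, DWORD count,
                                 size_t limit, size_t maxBytes)
{
    std::vector<char> out;
    if (bufs == nullptr)
        return out;

    size_t remaining = limit < maxBytes ? limit : maxBytes;
    for (DWORD i = 0; i < count && remaining > 0; ++i) {
        if (bufs[i].buf == nullptr || bufs[i].len == 0)
            continue;                      // skip empty entries
        size_t n = bufs[i].len < remaining ? bufs[i].len : remaining;
        out.insert(out.end(), bufs[i].buf, bufs[i].buf + n);
        remaining -= n;
    }
    return out;
}

// Constructed sample input: one logical message split over two entries.
size_t DemoFlattenedSize()
{
    char part1[] = "GET ";
    char part2[] = "/index";
    WSABUF bufs[2] = { {4, part1}, {6, part2} };
    return FlattenBuffers(bufs, 2, 10, 4096).size();
}
```

For a receive, the buffers only hold valid data after the original call has returned successfully; with overlapped I/O that is at completion time, not when the call returns.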

boever
March 26th, 2009, 03:09 AM
First of all thanks for your answer,

First, your printInGui() should take a second argument representing the size of the buffer (dwBufferCount). Otherwise you wouldn't know how big the buffer was.
I agree

Second, I think the data in lpBuffers should also be const, because this function, printInGui, is not supposed to modify it.
In the future I would like to edit the packet, so I have to be able to modify the data.

I don't understand this question. You have the buffer, pass it to the functions that need to do something with it.
I wrote my GUI in managed C++. Now I am wondering, how can I show the data in my GUI?
Adding a namespace to BvrHook?
And using a method from Bvr, e.g. Bvr::PrintData(buffer, datasize);?

I don't understand how this should be done.

cilu
March 26th, 2009, 03:24 AM
You have to make your GUI class (form) known to this print method, or to the MyWSASend and MyWSARecv methods. I guess there could be different ways to do this. One is to use an intermediate class.

Let's assume you have a YourForm class (representing a form), that has a PrintBuffer() function.

You can have a class like this, that stores a form handle, and has a HandleBuffer method that dispatches the call to your form's PrintBuffer.

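// Declaration. Assumes Form is System::Windows::Forms::Form.
using namespace System::Windows::Forms;

ref class Dispatcher
{
    Form^ m_Form;   // the form the buffers are forwarded to
public:
    void AttachForm(Form^ form) { m_Form = form; }

    void HandleBuffer(LPWSABUF lpBuffers, DWORD size);
};


// Implementation.
#include "yourform.h"


void Dispatcher::HandleBuffer(LPWSABUF lpBuffers, DWORD size)
{
    // dynamic_cast yields nullptr if no form is attached or it is not a YourForm.
    YourForm^ form = dynamic_cast<YourForm^>(m_Form);
    if (form != nullptr)
        form->PrintBuffer(lpBuffers, size);
}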

You declare a global variable of this Dispatcher, and use it both in main function and your form. You attach your form instance to this dispatcher.

The reason for proposing this was to decouple the detour function from knowing exactly to whom the calls should be made. They use this dispatcher. Of course, the dispatcher can have a list of forms, and you can attach/detach any number, and each time the HandleBuffer() method is called, all of them are notified.

cilu
March 26th, 2009, 03:26 AM
[ redirected ]