Location:
Search - hook winsock
Search list
Description: 当你在网络上抓到一些数据包,想知道这些包是哪个进程发出来的时候,
怎么办?这个小工具也许能帮一些忙。
这个工具采用的是HOOK进程的winsock API,把一些数据记录下来。-When you caught on the network data packets and would like to know which of these packages is issued to the process, how do? This small tools may be able to help some busy. This tool is used in the process of winsock HOOK API, some data is recorded.
Platform: |
Size: 58703 |
Author: 肖武 |
Hits:
Description: winsock api hook,也就是钩子了-winsock api hook, the hook is
Platform: |
Size: 37698 |
Author: 龙猫 |
Hits:
Description: 一篇关于 “基于winsocket SPI的数据报过滤原理和实现”的文档,文末附有源代码-a "winsocket SPI based on the data reported filtration principle and the realization" of the documents, with the end of the text source code
Platform: |
Size: 12288 |
Author: 林荣 |
Hits:
Description: 如何跟踪WinSock中的通讯-tracking how the communications WinSock
Platform: |
Size: 3072 |
Author: 张jf |
Hits:
Description: 给你一种如何钩住windows socket 的方法,这种方法是写一个新的windows socket ,根据需要处理相应的api-to you how hooked windows of a socket approach, which is to write a new windows socket, according to the need to address the corresponding api
Platform: |
Size: 3072 |
Author: zhouruisheng |
Hits:
Description: 采用替换文件的方法截获WinSock中的函数调用-replacement document using the method WinSock intercepted the function call
Platform: |
Size: 3072 |
Author: 王伶 |
Hits:
Description: 当你在网络上抓到一些数据包,想知道这些包是哪个进程发出来的时候,
怎么办?这个小工具也许能帮一些忙。
这个工具采用的是HOOK进程的winsock API,把一些数据记录下来。-When you caught on the network data packets and would like to know which of these packages is issued to the process, how do? This small tools may be able to help some busy. This tool is used in the process of winsock HOOK API, some data is recorded.
Platform: |
Size: 58368 |
Author: 肖武 |
Hits:
Description: 采用替换文件的方法截获WinSock中的函数调用-replacement document using the method WinSock intercepted the function call
Platform: |
Size: 3072 |
Author: 阳广元 |
Hits:
Description: A new method of propagation for computer viruses is here
presented, Automated File Transfer Infection (AFTI). This
method is specific for the Microsoft® Windows®
NT/2000/XP/Server 2003 platforms, albeit it may be extended to
the 95/98/ME systems as well, and even other Operating
Systems. It is based upon WinSock 2 hooking with the Service
Provider Interface (SPI).-A new method of propagation for computer vi ruses is here presented. Automated File Transfer Infection (AFTI). Thi 's method is specific for the Microsoft
Platform: |
Size: 14336 |
Author: ws07 |
Hits:
Description: 传奇3刷钱外挂Dll程序源代码,拦截封包自动进行刷钱动作,返回结果给服务端,完成耍钱过程。-Legends of 3刷钱plug Dll source code, to intercept packets刷钱automatically moves to return the results to the server to complete the process of耍钱.
Platform: |
Size: 188416 |
Author: 好好 |
Hits:
Description: 费尔防火墙完整的源代码。
费尔个人防火墙采用两种封包过滤技术:
1. 应用层封包过滤,采用 Winsock 2 SPI。
2. 核心层封包过滤,采用 NDIS-HOOK。-Fairbanks, complete source code for a firewall. Fairbanks Personal Firewall uses two types of packet filtering technology: 1. Application-layer packet filtering, the use of Winsock 2 SPI. 2. The core level of packet filtering, the use of NDIS-HOOK.
Platform: |
Size: 258048 |
Author: 雄鹰 |
Hits:
Description: A sample of work that shows how to hook WinSock with Visual Studio. It has 2 sample hook source and one test application to elaborate the subject
Platform: |
Size: 36864 |
Author: Munir |
Hits:
Description: VC Hook钩子技术应用该软件采用apihook,winsock等技术-VC Hook钩子技术应用
Platform: |
Size: 3576832 |
Author: 啸风 |
Hits:
Description: winsock
hook function
Platform: |
Size: 21504 |
Author: ha1 |
Hits:
Description: 这个工具采用的是HOOK进程的winsock API,把一些数据记录下来。
2.1 patch静态文件,即运行前挂钩.
2.2 也是修改IAT,跟1.1一样.
2.3 修改目标函数的前几个字节,跳转到新的函数,但不再调用原始函数,无
实际意义,作者只是做演示?
2.4 这种方法(3.2.3 保存原始函数)很COOL,其中的亮点和难点就是“获取任意
地址的指令长度”。
之前我也想用2.4这种办法,但卡在如何“获取任意地址的指令长度”上面了:(
在看到《挂钩Windows API》这篇文章之前,我取了一个比较简单有效的办法:
3.1 把目标函数的DLL COPY一份到内存中,修改原目标函数的前几字节,跳转
到我们的函数,在我们的函数中调用原函数新的COPY。-AppWizard has created this xHook DLL for you.
This file contains a summary of what you will find in each of the files that
make up your xHook application.
xHook.dsp
This file (the project file) contains information at the project level and
is used to build a single project or subproject. Other users can share the
project (.dsp) file, but they should export the makefiles locally.
xHook.cpp
This is the main DLL source file.
xHook.h
This file contains your DLL exports.
/////////////////////////////////////////////////////////////////////////////
Other standard files:
StdAfx.h, StdAfx.cpp
These files are used to build a precompiled header (PCH) file
named xHook.pch and a precompiled types file named StdAfx.obj.
/////////////////////////////////////////////////////////////////////////////
Other notes:
AppWizard uses "TODO:" to indicate parts of the source code you
should add to or customize.
Platform: |
Size: 58368 |
Author: yunfeng |
Hits:
Description:
基于WFP模型的网络防火墙设计实现
WFP(Windows Filter Platform)是为网络过滤应用开发平台提供支持的API和系统服务的集合。WFP允许开发者编写代码和操作系统的网络协议栈
交互。网络数据可以在到达目的地之前被过滤和修改。通过提供简单的开发平台,WFP被用于取代以前的TDI过滤,NDIS过滤,以及LSP(Winsock
Layered Service )。在Visita及以后的系统火墙钩子,过滤钩子驱动将不再适用。
-Model-based network firewall designed to achieve WFP WFP (Windows Filter Platform) is a collection that provides support for network filtering application development platform API and system services. WFP allows developers to write interactive network protocol stack and operating system code. Network data can be filtered and modified before reaching the destination. By providing a simple development platform, WFP is used to replace the previous TDI filter, NDIS filter, and LSP (Winsock Layered Service). Visita systems in and beyond the firewall hook, the filter hook driver will no longer apply.
Platform: |
Size: 350208 |
Author: 注册会员 |
Hits: