Search - xhook
Search list
Description: When you have captured some packets on the network and want to know which process sent them, what do you do? This small tool may be of some help.
The tool hooks the process's winsock API and records some of the data.
Platform: |
Size: 58703 |
Author: 肖武 |
Hits:
Description: VC code that hooks all of the SOCKET API functions.
It is very useful for studying datagrams.
Everyone is welcome to study it.
Platform: |
Size: 58703 |
Author: aaaa |
Hits:
Description: When you have captured some packets on the network and want to know which process sent them, what do you do? This small tool may be of some help.
The tool hooks the process's winsock API and records some of the data.
Platform: |
Size: 58368 |
Author: 肖武 |
Hits:
Description: Sample source code for a variety of API hooks on Windows, covering networking, the registry, files, dialog boxes, processes and other areas. Strongly recommended.
Platform: |
Size: 423936 |
Author: lijunwei |
Hits:
Description: VC code that hooks all of the SOCKET API functions.
It is very useful for studying datagrams.
Everyone is welcome to study it.
Platform: |
Size: 58368 |
Author: aaaa |
Hits:
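Description: This tool hooks the process's winsock API and records some of the data.
2.1 Patch the static file, i.e. hook before the program runs.
2.2 Also modifies the IAT, the same as 1.1.
2.3 Modify the first few bytes of the target function to jump to the new function, but never call the original function again. This has no practical value; was the author just giving a demonstration?
2.4 This method (3.2.3, saving the original function) is very cool; its highlight and its difficulty is "getting the instruction length at an arbitrary address".
I had also wanted to use method 2.4 before, but got stuck on how to "get the instruction length at an arbitrary address" :(
Before I saw the article "Hooking Windows API", I used a fairly simple and effective approach:
3.1 Copy the target function's DLL into memory, modify the first few bytes of the original target function to jump to our function, and call the new copy of the original function from our function.
AppWizard has created this xHook DLL for you.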
This file contains a summary of what you will find in each of the files that
make up your xHook application.
xHook.dsp
This file (the project file) contains information at the project level and
is used to build a single project or subproject. Other users can share the
project (.dsp) file, but they should export the makefiles locally.
xHook.cpp
This is the main DLL source file.
xHook.h
This file contains your DLL exports.
/////////////////////////////////////////////////////////////////////////////
Other standard files:
StdAfx.h, StdAfx.cpp
These files are used to build a precompiled header (PCH) file
named xHook.pch and a precompiled types file named StdAfx.obj.
/////////////////////////////////////////////////////////////////////////////
Other notes:
AppWizard uses "TODO:" to indicate parts of the source code you
should add to or customize.
Platform: |
Size: 58368 |
Author: yunfeng |
Hits: