// this is where we are intercepting all file accesses!
public int send_Hooked(IntPtr socket_handle, IntPtr lpBuffer, int buflen, int flags)
{
preprocessHook();
//String z = extractBufferAsString(lpBuffer, buflen < BUFFER_SAMPLE_LENGTH ? buflen : BUFFER_SAMPLE_LENGTH);
String z = extractBufferAsString(lpBuffer, buflen);
z.Replace("\r\n", " ");
//Console.WriteLine(z);
Console.WriteLine("ws2_32.send intercepted");
Func <int, string, string> gen = null;
gen = (num, symb) => num == 0?"":gen(num - 1, symb) + symb;
//Console.WriteLine(gen(10,"<")+gen(10,">"));
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket_handle.ToInt32();
transfer_unit[Color.Buffer] = z;
int result = WS2_32Support.send(socket_handle, lpBuffer, buflen, flags);
if (result != WS2_32Support.SOCKET_ERROR)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public int connect_Hooked(IntPtr socket, IntPtr lpSockAddr, int namelen)
{
preprocessHook();
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket.ToInt32();
// call original API...
int result = WS2_32Support.connect(socket, lpSockAddr, namelen);
transfer_unit[Color.Result] = result;
//Discovered in opera. Connect returns -1. But opera sends data anyway through this socket.
//So we disable error checking here
//if (result != WS2_32Support.SOCKET_ERROR)
makeCallBack(transfer_unit);
//else {
// int error = WS2_32Support.WSAGetLastError();
// WS2_32Support.WSASetLastError(error);
//}
return(result);
}
// this is where we are intercepting all file accesses!
public int listen_Hooked(IntPtr socket, int backlog)
{
preprocessHook();
// call original API...
int result = WS2_32Support.listen(socket, backlog);
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket.ToInt32();
if (result != WS2_32Support.SOCKET_ERROR)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public int bind_Hooked(IntPtr socket, IntPtr lpSockAddr, int namelen)
{
preprocessHook();
// call original API...
int result = WS2_32Support.bind(socket, lpSockAddr, namelen);
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket.ToInt32();
if (result != WS2_32Support.SOCKET_ERROR)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public IntPtr accept_Hooked(IntPtr socket, IntPtr lpSockAddr, IntPtr int_addrlen)
{
preprocessHook();
// call original API...
IntPtr result = WS2_32Support.accept(socket, lpSockAddr, int_addrlen);
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.ListeningSocketHandle] = socket.ToInt32();
transfer_unit[Color.Handle] = result.ToInt32();
if (result.ToInt32() != WS2_32Support.INVALID_SOCKET)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public int WSAConnect_Hooked(IntPtr socket, IntPtr lpSockAddr, int namelen, IntPtr lpCallerData, IntPtr lpCalleeData, IntPtr lpSQOS, IntPtr lpGQOS)
{
preprocessHook();
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket.ToInt32();
// call original API...
int result = WS2_32Support.WSAConnect(socket, lpSockAddr, namelen, lpCallerData, lpCalleeData, lpSQOS, lpGQOS);
transfer_unit[Color.Result] = result;
if (result != WS2_32Support.SOCKET_ERROR)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public int WSASend_Hooked(IntPtr socket_handle, IntPtr lpBuffers, Int32 dwBufferCount, ref Int32 lpNumberOfBytesSent, int flags, IntPtr lpOverlapped, IntPtr lpCompletionRoutine)
{
preprocessHook();
WS2_32Support.WSABUF[] buffers = new WS2_32Support.WSABUF[dwBufferCount];
unsafe {
WS2_32Support.WSABUF *lpbuffer = (WS2_32Support.WSABUF *)lpBuffers.ToPointer();
for (int i = 0; i < dwBufferCount; i++)
{
buffers[i] = lpbuffer[i];
}
}
string z = "";
for (int i = 0; i < dwBufferCount; i++)
{
z += AbstractHookDescription.extractBufferAsString(buffers[i].buf, (int)(buffers[i].len < BUFFER_SAMPLE_LENGTH ? buffers[i].len : buffers[i].len));
}
z.Replace("\r\n", " ");
//Console.WriteLine(z);
Console.WriteLine("ws2_32.WSASend intercepted");
Func <int, string, string> gen = null;
gen = (num, symb) => num == 0 ? "" : gen(num - 1, symb) + symb;
//Console.WriteLine(gen(10, "<") + gen(10, ">"));
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.Handle] = socket_handle.ToInt32();
transfer_unit[Color.Buffer] = z;
//call original API
int result = WS2_32Support.WSASend(socket_handle, lpBuffers, dwBufferCount, ref lpNumberOfBytesSent, flags, lpOverlapped, lpCompletionRoutine);
if (result != WS2_32Support.SOCKET_ERROR)
{
makeCallBack(transfer_unit);
}
return(result);
}
// this is where we are intercepting all file accesses!
public IntPtr WSASocket_Hooked(WS2_32Support.ADDRESS_FAMILIES af, WS2_32Support.SOCKET_TYPE socket_type, WS2_32Support.PROTOCOL protocol,
IntPtr lpProtocolInfo, Int32 group, WS2_32Support.OPTION_FLAGS_PER_SOCKET dwFlags)
{
preprocessHook();
// call original API...
IntPtr socket_handle = WS2_32Support.WSASocketW(af, socket_type, protocol, lpProtocolInfo, group, dwFlags);
TransferUnit transfer_unit = createTransferUnit();
transfer_unit[Color.AddressFamily] = af;
transfer_unit[Color.SocketType] = socket_type;
transfer_unit[Color.Protocol] = protocol;
transfer_unit[Color.Flags] = dwFlags;
transfer_unit[Color.Handle] = socket_handle.ToInt32();
if (socket_handle.ToInt32() != Kernel32Support.INVALID_HANDLE_VALUE)
{
makeCallBack(transfer_unit);
}
return(socket_handle);
}
