Beispiel #1
        // this is where we are intercepting all WSASend calls (outgoing socket data)!
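        /// <summary>
        /// Hook handler for <c>WSASend</c>: records a text copy of the first send buffer in
        /// <c>QueueWSASend</c>, then forwards the call unchanged to the original API.
        /// </summary>
        /// <remarks>
        /// Only the first <c>WSABUF</c> entry is captured; the remaining
        /// <paramref name="dwBufferCount"/> - 1 entries of a scatter/gather send are not recorded.
        /// The payload is decoded as ANSI text, which is lossy for binary or encrypted traffic.
        /// The queue holds whatever the hooked process sends as plain strings, so whoever
        /// drains it should treat its contents as sensitive.
        /// </remarks>
        /// <returns>The value returned by the original <c>WSASend</c>.</returns>
        static unsafe Int32 WSASend_Hooked(Int32 s, IntPtr lpBuffers, UInt32 dwBufferCount, IntPtr lpNumberOfBytesSent,
                                           UInt32 dwFlags, IntPtr lpOverlapped, IntPtr lpCompletionRoutine)
        {
            try
            {
                DemoInjection injection = (DemoInjection)HookRuntimeInfo.Callback;

                // A null or empty buffer array has nothing to capture. Checking it here means
                // the catch below is not the mechanism that handles this ordinary case.
                if (lpBuffers != IntPtr.Zero && dwBufferCount > 0)
                {
                    lock (injection.QueueWSASend)
                    {
                        // Test capacity before reading the caller's memory, so a full queue
                        // costs no unmarshalling. The cap limits entry count, not total bytes:
                        // each entry can be as large as the buffer that was sent.
                        if (injection.QueueWSASend.Count < 1000)
                        {
                            WSABUF buffer = new WSABUF();

                            // NOTE(review): this overload requires WSABUF to be a formatted class.
                            // If it is declared as a struct the call throws ArgumentException,
                            // which the catch below hides, so nothing would ever be queued.
                            // Confirm against the WSABUF declaration.
                            Marshal.PtrToStructure(lpBuffers, buffer);

                            injection.QueueWSASend.Push(
                                Marshal.PtrToStringAnsi((IntPtr)buffer.buf, (int)buffer.len));
                        }
                    }
                }
            }
            catch
            {
                // Deliberately swallowed: a monitoring failure must never break the hooked
                // process's own send. The cost is that capture errors go unnoticed.
            }

            // Forward to the original API with the caller's arguments untouched.
            return WSASend(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent,
                           dwFlags, lpOverlapped, lpCompletionRoutine);
        }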
Beispiel #2
        // this is where we are intercepting all file accesses!
        /// <summary>
        /// Hook handler for <c>CreateFile</c>: records the requested file name in
        /// <c>Queue</c> (at most 1000 pending entries), then forwards the call unchanged
        /// to the original API.
        /// </summary>
        /// <returns>The value returned by the original <c>CreateFile</c>.</returns>
        static IntPtr CreateFile_Hooked(
            String InFileName,
            UInt32 InDesiredAccess,
            UInt32 InShareMode,
            IntPtr InSecurityAttributes,
            UInt32 InCreationDisposition,
            UInt32 InFlagsAndAttributes,
            IntPtr InTemplateFile)
        {
            const int maxPendingNames = 1000;

            try
            {
                DemoInjection injection = (DemoInjection)HookRuntimeInfo.Callback;

                lock (injection.Queue)
                {
                    // Once the queue is full, further names are dropped rather than queued,
                    // so a slow consumer cannot grow it without bound.
                    bool hasRoom = injection.Queue.Count < maxPendingNames;
                    if (hasRoom)
                    {
                        injection.Queue.Push(InFileName);
                    }
                }
            }
            catch
            {
                // Intentionally ignored: a logging failure must not affect the hooked call.
            }

            // Hand the request to the real CreateFile with every argument as received.
            return CreateFile(InFileName, InDesiredAccess, InShareMode, InSecurityAttributes,
                              InCreationDisposition, InFlagsAndAttributes, InTemplateFile);
        }
Beispiel #3
        // this is where we are intercepting all recv calls (incoming socket data)!
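        /// <summary>
        /// Hook handler for <c>recv</c>: forwards the call to the original API, then records
        /// a text copy of the bytes actually received in <c>QueueRecv</c>.
        /// </summary>
        /// <remarks>
        /// The original call has to run first. Before it returns, <paramref name="buf"/> holds
        /// whatever the caller's memory contained previously, and <paramref name="len"/> is
        /// only the buffer capacity. Capturing at that point would record stale memory rather
        /// than the received data. The payload is decoded as ANSI text, which is lossy for
        /// binary or encrypted traffic, and the queued strings may contain sensitive data.
        /// </remarks>
        /// <returns>The value returned by the original <c>recv</c>.</returns>
        static unsafe Int32 recv_Hooked(Int32 s, IntPtr buf, Int32 len, Int32 flags)
        {
            // call original API first so the buffer holds the received data
            Int32 received = recv(s, buf, len, flags);

            // Zero (connection closed) or negative (error) means nothing was written.
            // Returning immediately also leaves the thread's socket error code untouched
            // for the caller to inspect.
            if (received <= 0)
            {
                return received;
            }

            try
            {
                DemoInjection injection = (DemoInjection)HookRuntimeInfo.Callback;

                lock (injection.QueueRecv)
                {
                    // The cap limits entry count, not total bytes: each entry can be as large
                    // as the receive that produced it.
                    if (injection.QueueRecv.Count < 1000)
                    {
                        // Copy only the bytes recv reported, not the whole buffer capacity.
                        injection.QueueRecv.Push(Marshal.PtrToStringAnsi(buf, received));
                    }
                }
            }
            catch
            {
                // Deliberately swallowed: a monitoring failure must never break the hooked
                // process's own receive path.
            }

            return received;
        }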