wsock32.dll 和 ws2_32.lib 里面都有 recv这个函数 功能是一样的,只是函数地址不一样,hook的时候要注意。二选一吧。
#pragma comment(lib,“wsock32.lib”)
或
#pragma comment(lib,“ws2_32.lib”)
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include "detours.h"
#pragma comment(lib,"detours.lib")
#define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0]))
//以下是HOOK需要的头文件
//#include <winsock2.h>
//#include <MSWSock.h>
#pragma comment(lib,"wsock32.lib") //wsock32.lib ws2_32.lib
// 注意这个HOOK 是 hook wsock32.dll 的 recv 还是 ws2_32.lib 的 recv
#include <string.h>
#include<iostream>
using namespace std ;
int (WINAPI * TrueRecv) (SOCKET s,char FAR *buf,int len,int flags)=recv;
int nc = 0;
int GetByte(char FAR * adr )
{
char tk[2000]="";
int i = 0;
int len = strlen( adr);
char tem[250];
for (i=0; i<len; ++i) //++是自加的意思, ++i相当于i = i + 1
{
sprintf (tem," 0x%X",*(byte*)adr);
strcat(tk,tem);
adr=adr+1;
}
OutputDebugStringA (tk);
return 0;
}
char ByT[1000] ="";
int WINAPI TimedRecv(SOCKET s,char FAR *buf,int len,int flags)
{
int ret=0;
/*
char tem[50000]="";
if ( len==4096) // 判断 封包长度为 4096
{
// OutputDebugStringA( buf );
sprintf(tem, "%s",buf );
std::string str1=tem;
int pos1=str1.find("<CU_T>"); // <CU_T>11:22:56</CU_T>
int pos2=str1.find("</CU_T>"); // <CU_T>11:22:56</CU_T>
if ( pos1>0 && pos2>0 )
{
int subPos=pos2-pos1;
std::string str2=str1.substr(pos1+6,subPos-6);
OutputDebugStringA( str2.c_str() ); // 工具DbgView 查看 输出的时间
//SetWindowTextA(hwd, str2.c_str() ) ; // 把时间显示到窗体标题上
}
}
*/
//OutputDebugStringA( "接收到封包" );
ret = TrueRecv(s,buf,len,flags);
//nc = nc +1;
int lenEx = strlen(buf);
char tem[1000]="";
sprintf(tem, "封包长度A %d 封包长度B %d ", lenEx, len );
OutputDebugStringA( tem );
// GetByte (buf);
/*
if (lenEx == 1)
{
OutputDebugStringA( "修改数据包1" );
BYTE buff3[1] =
{
0x21
};
memcpy (buf, buff3,1); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx ==336)
{
OutputDebugStringA( "修改数据包1" );
BYTE buff3[336] =
{
0x6B,0x73,0x73,0x64,0x61,0x74,0x61,0x30,0x3A,0x7C,0x3A,0x31,0x39,0x30,0x39,0x33,0x30,0x3A,0x7C,0x3A,0x68,0x74,0x74,0x70,0x3A,0x2F,0x2F,0x3A,0x7C,0x3A,0x77,0x55,0x6F,0x69,0x55,0x67,0x77,0x70,0x6B,0x41,0x5A,0x31,0x61,0x72,0x79,0x38,0x2B,0x74,0x6E,0x51,0x68,0x65,0x6E,0x65,0x31,0x62,0x71,0x43,0x64,0x30,0x72,0x68,0x71,0x79,0x39,0x76,0x50,0x64,0x31,0x43,0x6F,0x35,0x44,0x54,0x74,0x30,0x41,0x50,0x36,0x2F,0x50,0x68,0x62,0x41,0x4A,0x39,0x64,0x71,0x56,0x4D,0x4E,0x6A,0x58,0x58,0x56,0x6B,0x46,0x4E,0x42,0x77,0x34,0x39,0x61,0x54,0x47,0x31,0x4C,0x41,0x59,0x70,0x6B,0x43,0x69,0x77,0x62,0x68,0x54,0x57,0x41,0x75,0x68,0x38,0x6D,0x6A,0x66,0x51,0x57,0x4A,0x46,0x61,0x2B,0x44,0x79,0x65,0x31,0x47,0x59,0x53,0x30,0x50,0x50,0x57,0x47,0x33,0x50,0x77,0x61,0x62,0x4F,0x32,0x32,0x53,0x71,0x48,0x61,0x2B,0x51,0x62,0x47,0x70,0x42,0x54,0x65,0x32,0x51,0x4B,0x36,0x61,0x46,0x70,0x44,0x6E,0x79,0x74,0x48,0x36,0x39,0x61,0x30,0x66,0x38,0x41,0x6D,0x6D,0x79,0x37,0x50,0x68,0x38,0x51,0x47,0x33,0x68,0x62,0x51,0x42,0x6D,0x59,0x68,0x66,0x4B,0x4C,0x62,0x45,0x69,0x38,0x74,0x2F,0x34,0x4C,0x4E,0x57,0x6D,0x70,0x78,0x47,0x37,0x6C,0x2B,0x49,0x44,0x54,0x4F,0x69,0x67,0x62,0x78,0x79,0x64,0x6A,0x76,0x2B,0x6E,0x35,0x4B,0x74,0x2B,0x77,0x35,0x4E,0x4C,0x62,0x75,0x79,0x49,0x6D,0x54,0x4D,0x6E,0x50,0x57,0x63,0x2B,0x72,0x57,0x6F,0x5A,0x57,0x63,0x59,0x52,0x63,0x48,0x55,0x41,0x4C,0x49,0x2B,0x77,0x51,0x37,0x77,0x43,0x63,0x6A,0x47,0x6C,0x2F,0x34,0x4A,0x68,0x62,0x58,0x62,0x4F,0x69,0x57,0x6B,0x4D,0x61,0x33,0x73,0x6E,0x33,0x66,0x2B,0x62,0x70,0x79,0x63,0x67,0x6F,0x65,0x67,0x57,0x56,0x65,0x57,0x4F,0x57,0x4E,0x64,0x53,0x35,0x30,0x76,0x71,0x72,0x39,0x62,0x42,0x4E,0x59,0x7A,0x54,0x4A,0x48,0x77,0x3D,0x3D,0x3A,0x7C,0x3A,0x3A,0x7C,0x3A
};
memcpy (buf, buff3,336); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 284)
{
OutputDebugStringA( "修改数据包1" );
BYTE buff3[284] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x64,0x49,0x64,0x77,0x67,0x68,0x37,0x64,0x36,0x6F,0x2B,0x61,0x69,0x70,0x6A,0x46,0x6F,0x34,0x39,0x59,0x7A,0x4D,0x34,0x54,0x55,0x5A,0x55,0x2F,0x5A,0x30,0x72,0x4B,0x32,0x54,0x67,0x5A,0x6D,0x30,0x51,0x56,0x41,0x4D,0x30,0x3D,0x60,0x51,0x4F,0x56,0x5A,0x7C,0x71,0x44,0x38,0x51,0x71,0x36,0x38,0x34,0x42,0x65,0x6B,0x58,0x79,0x68,0x76,0x59,0x70,0x71,0x66,0x51,0x6A,0x77,0x33,0x46,0x59,0x35,0x47,0x35,0x6F,0x36,0x5A,0x4D,0x6C,0x62,0x7A,0x36,0x43,0x49,0x7C,0x74,0x69,0x5A,0x42,0x61,0x32,0x77,0x55,0x61,0x7A,0x5F,0x5F,0x38,0x5A,0x59,0x35,0x6A,0x64,0x45,0x4C,0x73,0x59,0x5F,0x4D,0x6D,0x63,0x33,0x65,0x73,0x4A,0x72,0x51,0x4D,0x46,0x4D,0x6D,0x5A,0x4E,0x55,0x52,0x4E,0x4D,0x33,0x6C,0x38,0x5A,0x78,0x30,0x6F,0x62,0x42,0x77,0x37,0x64,0x6F,0x50,0x4C,0x50,0x42,0x5A,0x4D,0x5F,0x4E,0x74,0x6D,0x6A,0x54,0x74,0x32,0x75,0x6F,0x59,0x56,0x51,0x47,0x76,0x73,0x76,0x32,0x6A,0x43,0x69,0x72,0x61,0x4F,0x4F,0x39,0x4E,0x4C,0x76,0x46,0x4C,0x44,0x64,0x68,0x6E,0x34,0x4D,0x41,0x4C,0x69,0x5A,0x6A,0x58,0x58,0x71,0x64,0x6B,0x70,0x76,0x57,0x51,0x72,0x56,0x68,0x6C,0x63,0x43,0x42,0x5F,0x65,0x65,0x75,0x45,0x30,0x76,0x66,0x67,0x65,0x41,0x46,0x71,0x5F,0x4F,0x64,0x72,0x65,0x4B,0x77,0x53,0x47,0x4F,0x4D,0x53,0x65,0x43,0x43,0x57,0x73,0x66,0x52,0x30,0x7C,0x37,0x46,0x38,0x69,0x56,0x41,0x33,0x51,0x64,0x4A,0x7A,0x77,0x4A,0x57,0x34,0x6A,0x30,0x69,0x77,0x57,0x42,0x73,0x45,0x6A,0x74,0x6A,0x57,0x68,0x61,0x64
};
memcpy (buf, buff3,284); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 104)
{
OutputDebugStringA( "修改数据包2" );
BYTE buff3[104] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x6A,0x4C,0x4D,0x4F,0x4C,0x65,0x46,0x54,0x78,0x47,0x6E,0x6D,0x68,0x57,0x43,0x6E,0x43,0x45,0x75,0x62,0x70,0x68,0x43,0x41,0x68,0x76,0x47,0x51,0x5A,0x53,0x59,0x78,0x6C,0x71,0x56,0x63,0x76,0x75,0x39,0x52,0x38,0x50,0x51,0x3D,0x60,0x69,0x59,0x58,0x36,0x69,0x32,0x38,0x68,0x6E,0x52,0x78,0x54,0x47,0x5F,0x51,0x30,0x56,0x67,0x42,0x33,0x75,0x67,0x49,0x31,0x69,0x7C,0x5F,0x4E,0x67,0x75,0x36,0x7A,0x39,0x32,0x61,0x33,0x70,0x52,0x78,0x72,0x52,0x55,0x6B,0x33,0x64,0x32,0x35
};
memcpy (buf, buff3,104); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 88)
{
OutputDebugStringA( "修改数据包" );
BYTE buff3[88] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x52,0x72,0x53,0x74,0x4F,0x35,0x34,0x48,0x47,0x69,0x59,0x63,0x36,0x61,0x57,0x71,0x73,0x49,0x77,0x79,0x57,0x58,0x70,0x71,0x41,0x51,0x36,0x2B,0x43,0x54,0x35,0x35,0x6C,0x51,0x54,0x47,0x37,0x7A,0x78,0x59,0x6D,0x51,0x59,0x3D,0x60,0x6D,0x72,0x38,0x57,0x7A,0x64,0x49,0x33,0x50,0x33,0x54,0x56,0x42,0x41,0x34,0x62,0x7C,0x57,0x38,0x69,0x4E,0x72,0x75,0x75,0x51,0x77,0x5A,0x6A,0x37,0x4C,0x67
};
memcpy (buf, buff3,88); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 152)
{
OutputDebugStringA( "修改数据包" );
BYTE buff3[152] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x4E,0x41,0x72,0x43,0x70,0x69,0x42,0x71,0x54,0x4A,0x37,0x67,0x4D,0x71,0x57,0x31,0x61,0x53,0x48,0x35,0x5A,0x5A,0x59,0x4B,0x7A,0x41,0x56,0x63,0x52,0x66,0x6C,0x6C,0x71,0x35,0x67,0x75,0x6A,0x31,0x44,0x52,0x52,0x70,0x41,0x3D,0x60,0x5A,0x78,0x59,0x46,0x57,0x77,0x76,0x70,0x5A,0x59,0x42,0x46,0x6A,0x67,0x54,0x66,0x32,0x78,0x4B,0x46,0x36,0x34,0x50,0x54,0x6E,0x65,0x50,0x49,0x67,0x75,0x6A,0x50,0x53,0x39,0x38,0x70,0x64,0x73,0x6C,0x36,0x50,0x36,0x69,0x70,0x7A,0x31,0x76,0x73,0x41,0x56,0x4C,0x6A,0x35,0x56,0x4F,0x73,0x75,0x63,0x58,0x69,0x78,0x51,0x49,0x36,0x57,0x4F,0x57,0x44,0x33,0x67,0x76,0x30,0x57,0x42,0x54,0x50,0x48,0x73,0x56,0x33,0x48,0x4F,0x56,0x53,0x38,0x50,0x48,0x68,0x63,0x47,0x58,0x6A,0x57,0x46,0x64
};
memcpy (buf, buff3,152); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 196)
{
OutputDebugStringA( "修改数据包" );
BYTE buff3[196] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x64,0x42,0x54,0x35,0x49,0x52,0x35,0x59,0x59,0x73,0x4F,0x6D,0x4E,0x39,0x4C,0x72,0x58,0x70,0x55,0x61,0x76,0x30,0x4E,0x52,0x48,0x31,0x67,0x4B,0x4C,0x43,0x4F,0x52,0x2B,0x4C,0x41,0x72,0x6C,0x69,0x46,0x51,0x4A,0x61,0x41,0x3D,0x60,0x4A,0x65,0x5F,0x6B,0x67,0x62,0x73,0x46,0x45,0x51,0x54,0x4E,0x5A,0x4C,0x71,0x5A,0x31,0x37,0x70,0x7A,0x63,0x6C,0x35,0x34,0x6F,0x7A,0x50,0x4B,0x30,0x63,0x77,0x4F,0x59,0x6B,0x64,0x74,0x76,0x55,0x31,0x47,0x41,0x48,0x79,0x71,0x31,0x47,0x76,0x69,0x45,0x6D,0x36,0x57,0x39,0x6B,0x42,0x71,0x30,0x69,0x39,0x34,0x57,0x47,0x6B,0x53,0x75,0x65,0x6B,0x57,0x5F,0x47,0x44,0x59,0x67,0x56,0x62,0x53,0x52,0x33,0x74,0x55,0x64,0x47,0x62,0x5A,0x4B,0x41,0x75,0x79,0x31,0x69,0x41,0x30,0x4F,0x6B,0x41,0x72,0x33,0x4D,0x58,0x45,0x35,0x6C,0x44,0x37,0x75,0x6B,0x43,0x69,0x57,0x73,0x51,0x5F,0x39,0x6C,0x53,0x4E,0x69,0x73,0x35,0x74,0x44,0x71,0x6C,0x48,0x4A,0x6B,0x4D,0x36,0x6E,0x6C,0x33,0x75,0x36,0x30,0x47,0x71,0x30,0x4D,0x44
};
memcpy (buf, buff3,196); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 184)
{
OutputDebugStringA( "修改数据包" );
BYTE buff3[184] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x6A,0x4E,0x4A,0x59,0x61,0x4D,0x61,0x77,0x41,0x75,0x72,0x30,0x4F,0x36,0x75,0x30,0x75,0x68,0x76,0x49,0x7A,0x6E,0x74,0x48,0x7A,0x49,0x57,0x78,0x6E,0x47,0x4F,0x7A,0x37,0x76,0x32,0x72,0x64,0x35,0x75,0x52,0x53,0x53,0x51,0x3D,0x60,0x66,0x67,0x76,0x6B,0x41,0x65,0x68,0x6B,0x5A,0x34,0x41,0x4E,0x55,0x56,0x57,0x75,0x30,0x51,0x63,0x61,0x35,0x74,0x46,0x59,0x66,0x42,0x73,0x62,0x67,0x58,0x4E,0x6B,0x45,0x39,0x31,0x72,0x67,0x32,0x6A,0x53,0x47,0x50,0x4C,0x4E,0x50,0x6C,0x33,0x61,0x44,0x6C,0x31,0x5A,0x67,0x67,0x63,0x4E,0x67,0x67,0x6F,0x37,0x47,0x6D,0x48,0x77,0x6E,0x6D,0x46,0x78,0x32,0x75,0x50,0x47,0x41,0x63,0x7C,0x7A,0x6A,0x78,0x48,0x74,0x33,0x32,0x74,0x30,0x50,0x39,0x7A,0x59,0x32,0x47,0x52,0x35,0x41,0x58,0x6A,0x69,0x36,0x61,0x67,0x53,0x32,0x75,0x6A,0x79,0x5A,0x59,0x6F,0x4E,0x32,0x36,0x55,0x47,0x77,0x31,0x61,0x74,0x6A,0x77,0x53,0x72,0x47,0x56,0x52,0x78,0x44,0x34,0x58
};
memcpy (buf, buff3,184); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
if (lenEx == 400)
{
OutputDebugStringA( "修改数据包" );
BYTE buff3[400] =
{
0x63,0x72,0x79,0x70,0x74,0x72,0x73,0x61,0x64,0x61,0x74,0x61,0x51,0x52,0x54,0x43,0x46,0x2B,0x78,0x34,0x7A,0x65,0x4B,0x67,0x59,0x6A,0x4F,0x70,0x64,0x44,0x37,0x77,0x52,0x36,0x78,0x71,0x6E,0x64,0x61,0x46,0x68,0x49,0x4F,0x77,0x71,0x6C,0x36,0x56,0x57,0x5A,0x44,0x4C,0x2F,0x77,0x51,0x3D,0x60,0x39,0x52,0x50,0x76,0x39,0x52,0x72,0x4D,0x58,0x54,0x72,0x62,0x73,0x55,0x5A,0x64,0x33,0x4E,0x69,0x62,0x41,0x7C,0x41,0x6D,0x58,0x6D,0x35,0x7A,0x66,0x7C,0x5A,0x6A,0x4A,0x6E,0x72,0x74,0x35,0x54,0x53,0x6F,0x45,0x31,0x59,0x4B,0x38,0x57,0x33,0x4D,0x30,0x37,0x50,0x6C,0x66,0x70,0x49,0x78,0x66,0x5F,0x57,0x5F,0x33,0x38,0x6F,0x65,0x39,0x72,0x6F,0x64,0x74,0x4D,0x79,0x47,0x58,0x32,0x65,0x58,0x75,0x4C,0x4B,0x44,0x4A,0x57,0x39,0x4F,0x51,0x49,0x7A,0x7A,0x48,0x4E,0x37,0x55,0x39,0x71,0x44,0x78,0x41,0x54,0x69,0x47,0x53,0x38,0x69,0x71,0x47,0x64,0x48,0x62,0x38,0x64,0x7C,0x46,0x57,0x55,0x6E,0x4B,0x37,0x33,0x39,0x74,0x6A,0x69,0x42,0x6C,0x47,0x6F,0x68,0x33,0x6A,0x41,0x36,0x4A,0x6A,0x5F,0x47,0x61,0x52,0x5F,0x66,0x39,0x66,0x52,0x4A,0x78,0x33,0x6A,0x70,0x6F,0x6F,0x33,0x55,0x74,0x44,0x67,0x33,0x38,0x59,0x4B,0x74,0x33,0x30,0x79,0x6B,0x62,0x71,0x38,0x41,0x76,0x65,0x65,0x76,0x35,0x73,0x45,0x57,0x6C,0x43,0x5F,0x6F,0x42,0x73,0x4E,0x36,0x41,0x33,0x4E,0x57,0x55,0x69,0x4C,0x6A,0x6D,0x48,0x62,0x6F,0x77,0x4D,0x4C,0x79,0x71,0x53,0x36,0x48,0x71,0x43,0x33,0x49,0x52,0x6C,0x52,0x37,0x58,0x4C,0x7C,0x70,0x74,0x67,0x7C,0x55,0x74,0x39,0x5A,0x62,0x6D,0x67,0x4D,0x6C,0x6E,0x43,0x54,0x4E,0x35,0x6E,0x6B,0x50,0x76,0x57,0x6E,0x39,0x6A,0x6C,0x70,0x37,0x42,0x7C,0x37,0x47,0x38,0x55,0x73,0x34,0x77,0x41,0x6A,0x6E,0x44,0x45,0x4D,0x4D,0x38,0x59,0x4D,0x76,0x4F,0x43,0x38,0x78,0x47,0x43,0x64,0x76,0x61,0x4A,0x71,0x59,0x6B,0x59,0x7C,0x73,0x76,0x59,0x77,0x39,0x38,0x33,0x55,0x44,0x49,0x6F,0x41,0x6B,0x58,0x70,0x5F,0x45,0x64,0x56,0x35,0x67,0x59,0x30,0x5A,0x78,0x78,0x55,0x64,0x78,0x45,0x59,0x57,0x6D,0x6D,0x44,0x5F,0x61,0x55,0x30,0x79,0x39,0x61,0x33,0x4B,0x39,0x6C,0x74,0x6E,0x47,0x6C,0x57,0x63,0x68,0x74,0x52,0x4B,0x4E,0x68,0x6F,0x54,0x5A,0x35,0x4E,0x62,0x33
};
memcpy (buf, buff3,400); //从b中复制5个字符到a中,把a原有的字符都给覆盖了,采用组个覆盖的方式
}
*/
return ret;
}
BOOL WINAPI DllMain(HINSTANCE hinst, DWORD dwReason, LPVOID reserved)
{
if (dwReason == DLL_PROCESS_ATTACH) {
DetourRestoreAfterWith();
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)TrueRecv, TimedRecv);
DetourTransactionCommit();
OutputDebugStringA("DLL已注入");
}
else if (dwReason == DLL_PROCESS_DETACH) {
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach(&(PVOID&)TrueRecv, TimedRecv);
DetourTransactionCommit();
OutputDebugStringA("DLL已卸载");
}
return TRUE;
}