//****************************************************************
//
// 本文是在已发表的另一篇文章的基础上略加修改而成,
// 先感谢前任作者。
//
// 程序通过替换wsock32.dll 来监测winsock调用
// 原wsock32.dll 改名为 wsock32.aaa
// 谁有兴趣修改得更好,请给我也送一份
// hjx321@21cn.com
// vchelp ID : 283
//
//***************************************************************
#include <windows.h>
#include <stdio.h>
#include "wsock32.h"
// Upper bound on the number of payload bytes PrintData writes per logged call.
#define Max_Data_Len 400
// Trace log path; every logging helper in this file appends to it.
// NOTE(review): the path is fixed in the root of C: and the file receives raw
// socket payloads (see PrintData), so it should be treated as sensitive data
// and, where found on a system, as evidence that this replacement DLL has run.
#define DataFile "c:\\popsocket.txt"
// Append one text line to the trace log (DataFile).
//
// The log is reopened in append mode on every call and closed again before
// returning. If it cannot be opened the record is dropped silently.
//
// p: NUL-terminated text to write; a newline is added after it.
void SaveRecord(char *p)
{
    FILE *log = fopen(DataFile, "a+");

    if (log == NULL) {
        return;
    }
    fprintf(log, "%s\n", p);
    fclose(log);
}
// Write at most Max_Data_Len bytes of a buffer to an already open log stream.
//
// Bytes below 0x20 are written as a backslash followed by three decimal
// digits, except CR and LF, which are passed through. Every other byte,
// including 0x7F and above, is written unchanged. One newline follows the data.
//
// NOTE(review): the callers in this file pass socket buffers, so the log can
// contain whatever the application sent (credentials included); the log file
// should be treated as sensitive.
//
// pf:    stream to write to
// pdata: bytes to dump
// len:   number of bytes at pdata; zero or a negative value writes only the newline
void PrintData(FILE *pf, BYTE FAR *pdata,int len)
{
    int count = (len > Max_Data_Len) ? Max_Data_Len : len;
    int idx = 0;

    while (idx < count) {
        BYTE ch = pdata[idx++];

        if (ch >= ' ' || ch == '\n' || ch == '\r') {
            fprintf(pf, "%c", ch);
        } else {
            fprintf(pf, "\\%03d", ch);
        }
    }
    fprintf(pf, "\n");
}
// Log the result of a recv call: a header line with socket and length,
// followed by the received bytes (see PrintData for the byte format).
//
// A negative size is treated as a failed call and nothing is logged.
// If the log cannot be opened the entry is dropped silently.
//
// socket: socket value to print in the header
// p:      buffer that received the data
// size:   number of bytes received
// Returns size unchanged in every case.
int SaveRecvData(int socket, char FAR *p, int size)
{
    if (size >= 0) {
        FILE *log = fopen(DataFile, "a+");

        if (log != NULL) {
            fprintf(log, "call recv, used socket=%d,len:%d\n", socket, size);
            PrintData(log, (BYTE *)p, size);
            fclose(log);
        }
    }
    return size;
}
// Log a send call: a header line with socket and length, followed by the
// bytes of the buffer (see PrintData for the byte format).
//
// If the log cannot be opened the entry is dropped silently.
//
// socket: socket value to print in the header
// p:      buffer that was passed to send
// size:   length to print and to dump; PrintData writes no data bytes for
//         zero or negative values
void SaveSendData(int socket, char *p, int size)
{
    FILE *log = fopen(DataFile, "a+");

    if (log == NULL) {
        return;
    }
    fprintf(log, "call send, used socket=%d,len:%d\n", socket, size);
    PrintData(log, (BYTE *)p, size);
    fclose(log);
}
// Log a recvfrom call: a header line with peer address, port and length,
// followed by the received bytes (see PrintData for the byte format).
//
// If the log cannot be opened the entry is dropped silently.
//
// addr: peer address as text
// port: peer port
// p:    buffer that received the data
// size: number of bytes to report and dump
void SaveRecvfromData(char *addr,int port, char FAR * p, int size)
{
    FILE *log = fopen(DataFile, "a+");

    if (log == NULL) {
        return;
    }
    fprintf(log, "call recvfrom, recvice data from %s port:%d,len:%d\n", addr, port, size);
    PrintData(log, (BYTE *)p, size);
    fclose(log);
}
// Log a sendto call: a header line with destination address, port and
// length, followed by the bytes of the buffer (see PrintData for the format).
//
// If the log cannot be opened the entry is dropped silently.
//
// addr: destination address as text
// port: destination port
// p:    buffer that was passed to sendto
// size: number of bytes to report and dump
void SaveSendtoData(char *addr,int port, BYTE *p, int size)
{
    FILE *log = fopen(DataFile, "a+");

    if (log == NULL) {
        return;
    }
    fprintf(log, "call sendto, send data to %s port:%d,len:%d\n", addr, port, size);
    PrintData(log, (BYTE *)p, size);
    fclose(log);
}
//必须输出与原WSOCK32.DLL库同样的函数。
//************
// DLL entry point of the replacement wsock32.dll.
//
// Writes "begin" to the trace log on every invocation; hInst,
// ul_reason_for_call and lpReserved are not examined. While the handle `i`
// is still NULL, the renamed original library is loaded from a fixed path and
// the address of each forwarded export is stored in the matching `...1`
// function pointer. (`i`, `a` and the `...1` pointers are not declared in
// this part of the file; presumably they come from wsock32.h.)
//
// Returns 1 when the original library was already loaded or has just been
// loaded, 0 when LoadLibrary fails.
//
// NOTE(review): no GetProcAddress result is checked, so an export missing
// from the original library leaves a NULL pointer that the matching wrapper
// below would call.
// NOTE(review): Microsoft's DllMain guidance advises against calling
// LoadLibrary from DllMain because the loader lock is held; resolving the
// original library lazily on first use avoids that.
// NOTE(review): the handle is not released with FreeLibrary in the code shown.
BOOL WINAPI DllMain (HANDLE hInst,
ULONG ul_reason_for_call,
LPVOID lpReserved)
{
SaveRecord("begin");
// Load the original library (only while no handle is held yet).
if(i==NULL){
// Fixed absolute path of the renamed original; the load fails on a system
// where the file is located elsewhere.
i=LoadLibrary("c:\\windows\\system\\wsock32.aaa");
// Logged before the result of LoadLibrary is checked.
SaveRecord("reload old wsock32.dll");
}
else
return 1;
if(i!=NULL){
// Look up the address of the original function of the same name.
a=GetProcAddress(i,"WSAStartup");
WSAStartup1=(int (_stdcall *)(WORD,LPWSADATA))a;
a=GetProcAddress(i,"WSACleanup");
// Look up the address of the original function of the same name.
WSACleanup1=(int (_stdcall *)())a;
a=GetProcAddress(i,"htons");
htons1=(u_short (_stdcall *)(u_short))a;
a=GetProcAddress(i,"socket");
socket1=(SOCKET (_stdcall *)(int ,int,int))a;
a=GetProcAddress(i,"WSAAsyncSelect");
WSAAsyncSelect1=(int (_stdcall *)(SOCKET,HWND ,u_int,long ))a;
a=GetProcAddress(i,"setsockopt");
setsockopt1=(int (_stdcall *)(SOCKET ,int ,int ,const char * ,int ))a;
a=GetProcAddress(i,"ioctlsocket");
ioctlsocket1=(int (_stdcall *)(SOCKET ,long ,u_long FAR *))a;
a=GetProcAddress(i,"WSAAsyncGetHostByName");
WSAAsyncGetHostByName1=(HANDLE (_stdcall *)(HWND ,u_int ,const char FAR * , char FAR * ,int ))a;
a=GetProcAddress(i,"closesocket");
closesocket1=(int (_stdcall *)(SOCKET ))a;
a=GetProcAddress(i,"select");
select1=(int (_stdcall *)(int ,fd_set FAR *,fd_set FAR *,fd_set FAR *,const struct timeval FAR *))a;
a=GetProcAddress(i,"NPLoadNameSpaces");
NPLoadNameSpaces1=(int (_stdcall *)(int ,int ,int ))a;
a=GetProcAddress(i,"connect");
connect1=(int (_stdcall *)(SOCKET ,const struct sockaddr *,int ))a;
a=GetProcAddress(i,"closesockinfo");
closesockinfo1=(int (_stdcall *)(int))a;
a=GetProcAddress(i,"WSAGetLastError");
WSAGetLastError1=(int (_stdcall *)())a;
a=GetProcAddress(i,"send");
send1=(int (_stdcall *)(SOCKET ,const char * ,int ,int ))a;
a=GetProcAddress(i,"recv");
recv1=(int (_stdcall *)(SOCKET ,char FAR * ,int ,int ))a;
a=GetProcAddress(i,"__WSAFDIsSet");
__WSAFDIsSet1=(int (_stdcall *)(SOCKET,fd_set FAR *))a;
a=GetProcAddress(i,"inet_addr");
inet_addr1=(unsigned long (_stdcall *)(const char FAR * ))a;
a=GetProcAddress(i,"WsControl");
WsControl1=(int (_stdcall *)(int ,int ,int ,int ,int ,int ))a;
a=GetProcAddress(i,"inet_ntoa");
inet_ntoa1=(char * (_stdcall *)(struct in_addr))a;
a=GetProcAddress(i,"htonl");
htonl1=(u_long (_stdcall *)(u_long))a;
a=GetProcAddress(i,"bind");
bind1=(int (_stdcall *)(SOCKET ,const struct sockaddr *,int ))a;
a=GetProcAddress(i,"getsockname");
getsockname1=(int (_stdcall *)(SOCKET ,struct sockaddr *,int * ))a;
a=GetProcAddress(i,"gethostbyname");
gethostbyname1=(struct hostent * (_stdcall *)(const char FAR * ))a;
a=GetProcAddress(i,"ntohs");
ntohs1=(u_short (_stdcall *)(u_short))a;
a=GetProcAddress(i,"getsockopt");
getsockopt1=(int (_stdcall *)(SOCKET ,int ,int ,char * , int *))a;
a=GetProcAddress(i,"gethostname");
gethostname1=(int (_stdcall *)(char FAR *, int))a;
a=GetProcAddress(i,"WSHEnumProtocols");
WSHEnumProtocols1=(int (_stdcall *)(void))a;
// From here on the casts use typedef names (xxx0) that are not declared in
// this part of the file; presumably they come from wsock32.h.
a=GetProcAddress(i,"getprotobyname");
getprotobyname1=(getprotobyname0)a;
a=GetProcAddress(i,"accept");
accept1 =(accept0)a;
a=GetProcAddress(i,"shutdown");
shutdown1 =(shutdown0)a;
a=GetProcAddress(i,"getservbyname");
getservbyname1 =(getservbyname0)a;
a=GetProcAddress(i,"getservbyport");
getservbyport1 =(getservbyport0)a;
a=GetProcAddress(i,"getprotobynumber");
getprotobynumber1=(getprotobynumber0)a;
a=GetProcAddress(i,"sendto");
sendto1 =(sendto0)a;
a=GetProcAddress(i,"recvfrom");
recvfrom1 =(recvfrom0)a;
a=GetProcAddress(i,"ntohl");
ntohl1 =(ntohl0)a;
a=GetProcAddress(i,"listen");
listen1=(listen0)a;
a=GetProcAddress(i,"getpeername");
getpeername1 =(getpeername0)a;
}else return 0;
return 1;
}
// Exported replacement for WSAStartup: records the call in the trace log,
// then forwards it to the original function through WSAStartup1.
//
// Returns whatever the original WSAStartup returns.
int PASCAL FAR WSAStartup(WORD wVersionRequired, LPWSADATA lpWSAData)
{
    int result;

    // Trace the call; any other per-call processing could be placed here.
    SaveRecord("WSAStartup");
    // The real work is done by the original library.
    result = WSAStartup1(wVersionRequired, lpWSAData);
    return result;
}
// Exported replacement for WSACleanup: records the call in the trace log,
// then forwards it to the original function through WSACleanup1.
//
// Returns whatever the original WSACleanup returns.
int PASCAL FAR WSACleanup(void)
{
    int result;

    SaveRecord("WSACleanup");   // trace the call
    result = WSACleanup1();     // the real work is done by the original library
    return result;
}
// Exported replacement for htons: records the call in the trace log, then
// forwards it to the original function through htons1.
//
// Returns the value produced by the original htons.
u_short PASCAL FAR htons (u_short hostshort)
{
    u_short converted;

    SaveRecord("htons");
    converted = htons1(hostshort);   // the real work is done by the original library
    return converted;
}
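// Exported replacement for socket: forwards the call to the original
// function through socket1, then logs the arguments and the result.
//
// Returns the SOCKET value produced by the original socket().
SOCKET PASCAL FAR socket (int af, int type, int protocol)
{
    // The fixed text of the format is 28 characters and each of the four %d
    // fields can need 11, so 73 bytes are required in the worst case; the
    // former 64-byte buffer could be overrun by wsprintf, which does not
    // know the size of its destination.
    char disp[96];
    SOCKET rc;
    DWORD saved_error;

    rc = socket1(af, type, protocol);
    // The logger does file I/O, which can overwrite the calling thread's
    // last-error value. Save and restore it so that an error check made by
    // the application right after this call is not affected by logging
    // (assumes the original library reports errors through that value -
    // TODO confirm for the target platform).
    saved_error = GetLastError();
    wsprintf(disp, "socket(af:%d,type:%d,proto:%d) rc=%d", af, type, protocol, rc);
    SaveRecord(disp);
    SetLastError(saved_error);
    return rc;
}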
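// Exported replacement for WSAAsyncSelect: forwards the call to the original
// function through WSAAsyncSelect1, then logs the socket, message number,
// event mask and result (the window handle is not logged).
//
// Returns whatever the original WSAAsyncSelect returns.
int PASCAL FAR WSAAsyncSelect(SOCKET s, HWND hWnd, u_int wMsg,long lEvent)
{
    char disp[128];
    int rc;
    DWORD saved_error;

    rc = WSAAsyncSelect1(s, hWnd, wMsg, lEvent);
    // The logger does file I/O, which can overwrite the calling thread's
    // last-error value. Save and restore it so that an error check made by
    // the application right after this call is not affected by logging
    // (assumes the original library reports errors through that value -
    // TODO confirm for the target platform).
    saved_error = GetLastError();
    wsprintf(disp, "WSAAsyncSelect(s=%d,hWnd,wMsg=%d,lEvent=%ld),rc=%d", s, wMsg, lEvent, rc);
    SaveRecord(disp);
    SetLastError(saved_error);
    return rc;
}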
// Exported replacement for setsockopt: records the call in the trace log,
// then forwards it to the original function through setsockopt1.
//
// Returns whatever the original setsockopt returns.
int PASCAL FAR setsockopt(SOCKET s,int level,int optname,const char * optval,int optlen)
{
    int result;

    SaveRecord("setsockopt");
    // The real work is done by the original library.
    result = setsockopt1(s, level, optname, optval, optlen);
    return result;
}
// Exported replacement for ioctlsocket: records the call in the trace log,
// then forwards it to the original function through ioctlsocket1.
//
// Returns whatever the original ioctlsocket returns.
int PASCAL FAR ioctlsocket(SOCKET s, long cmd, u_long FAR *argp)
{
    int result;

    SaveRecord("ioctlsocket");
    // The real work is done by the original library.
    result = ioctlsocket1(s, cmd, argp);
    return result;
}
// Exported replacement for WSAAsyncGetHostByName: records the call in the
// trace log (the host name itself is not logged), then forwards it to the
// original function through WSAAsyncGetHostByName1.
//
// Returns the handle produced by the original function.
HANDLE PASCAL FAR WSAAsyncGetHostByName(HWND hWnd, u_int wMsg,const char FAR * name, char FAR * buf,int buflen)
{
    HANDLE task;

    SaveRecord("WSAAsyncGetHostByName");
    // The real work is done by the original library.
    task = WSAAsyncGetHostByName1(hWnd, wMsg, name, buf, buflen);
    return task;
}
// Exported replacement for select: records the call in the trace log, then
// forwards it to the original function through select1.
//
// Returns whatever the original select returns.
int PASCAL FAR select(int nfds, fd_set FAR *readfds, fd_set FAR *writefds,fd_set FAR *exceptfds, const struct timeval FAR *timeout)
{
    int result;

    SaveRecord("select");
    // The real work is done by the original library.
    result = select1(nfds, readfds, writefds, exceptfds, timeout);
    return result;
}
// Exported replacement for closesocket: records the call in the trace log,
// then forwards it to the original function through closesocket1.
//
// Returns whatever the original closesocket returns.
int PASCAL FAR closesocket(SOCKET s)
{
    int result;

    SaveRecord("closesocket");
    result = closesocket1(s);   // the real work is done by the original library
    return result;
}
// Exported replacement for NPLoadNameSpaces: records the call in the trace
// log, then forwards the three arguments unchanged to the original function
// through NPLoadNameSpaces1.
//
// Returns whatever the original function returns.
int PASCAL FAR NPLoadNameSpaces(int p,int q,int r)
{
    int result;

    SaveRecord("NPLoadNameSpaces");
    result = NPLoadNameSpaces1(p, q, r);   // the real work is done by the original library
    return result;
}
// Exported replacement for closesockinfo: records the call in the trace log,
// then forwards the argument unchanged to the original function through
// closesockinfo1.
//
// Returns whatever the original function returns.
int PASCAL FAR closesockinfo(int p)
{
    int result;

    SaveRecord("closesockinfo");
    result = closesockinfo1(p);   // the real work is done by the original library
    return result;
}
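// Exported replacement for connect: logs the destination address, port and
// socket, then forwards the call to the original function through connect1.
//
// The address is decoded as a sockaddr_in only when the caller passed a
// non-NULL pointer, a length that covers a sockaddr_in and the AF_INET
// family. Previously the pointer was dereferenced unconditionally, which
// read past short buffers and faulted on NULL inside the logging code before
// the original connect could reject the arguments. Any other input is logged
// by name only.
//
// `sin` and `msg` are file-level variables not declared in this part of the
// file (presumably from wsock32.h).
// NOTE(review): the size of `msg` is not visible here; the formatted line
// needs at most 52 bytes including the terminator - confirm it is large enough.
//
// Returns whatever the original connect returns.
int PASCAL FAR connect(SOCKET s,const struct sockaddr *name, int namelen)
{
    int rc;

    if (name != NULL
        && namelen >= (int)sizeof(struct sockaddr_in)
        && name->sa_family == AF_INET) {
        sin = (sockaddr_in *)name;
        LPCSTR psz = inet_ntoa1(sin->sin_addr);
        // Guard against a NULL text address from the original inet_ntoa.
        wsprintf(msg, "connect,ip=%s:%d socket=%d", psz != NULL ? psz : "?", ntohs1(sin->sin_port), s);
        SaveRecord(msg);
    } else {
        SaveRecord("connect");
    }
    // The real work is done by the original library.
    rc = connect1(s, name, namelen);
    return rc;
}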
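// Exported replacement for WSAGetLastError: fetches the error code from the
// original function through WSAGetLastError1, logs it and returns it.
//
// `d` and `aa` are file-level variables not declared in this part of the
// file (presumably from wsock32.h). They are still written as before, but
// the returned value is taken from a local copy so that it cannot be
// replaced by another thread writing `d` between the call and the return.
//
// Returns the error code reported by the original WSAGetLastError.
int PASCAL FAR WSAGetLastError(void)
{
    int code = WSAGetLastError1();
    // The logger does file I/O, which can overwrite the calling thread's
    // last-error value. Save and restore it so that a repeated error query
    // by the application is not affected by logging (assumes the original
    // library keeps its error code in that value - TODO confirm for the
    // target platform).
    DWORD saved_error = GetLastError();

    d = code;
    sprintf(aa, "WSAGetLastError %d", code);
    SaveRecord(aa);
    SetLastError(saved_error);
    return code;
}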
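// Exported replacement for send: forwards the call to the original function
// through send1, then logs the socket, the result and the buffer contents.
//
// The length handed to the logger is send1's return value, so a failed call
// is logged with its negative result and no payload bytes.
//
// Returns whatever the original send returns.
int PASCAL FAR send(SOCKET s,const char * buf,int len,int flags)
{
    int rc = send1(s, buf, len, flags);
    // The logger does file I/O, which can overwrite the calling thread's
    // last-error value. Save and restore it so that the application's error
    // check after a failed send (for example on a non-blocking socket) is
    // not affected by logging (assumes the original library reports errors
    // through that value - TODO confirm for the target platform).
    DWORD saved_error = GetLastError();

    SaveSendData((int)s, (char *)buf, rc);
    SetLastError(saved_error);
    return rc;
}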
// Exported replacement for recv: records the call in the trace log, then
// forwards it to the original function through recv1.
//
// The received bytes are not logged. The author disabled the call
// SaveRecvData((int)s, buf, rc) that used to follow a successful recv1,
// noting that it sometimes hung the machine for a reason that was not
// identified, and asked anyone who finds the cause to report it.
//
// Returns whatever the original recv returns.
int PASCAL FAR recv(SOCKET s, char FAR * buf, int len, int flags)
{
    int received;

    SaveRecord("recv() ");
    received = recv1(s, buf, len, flags);
    return received;
}
// Exported replacement for __WSAFDIsSet: records the call in the trace log,
// then forwards both arguments unchanged to the original function through
// __WSAFDIsSet1.
//
// Returns whatever the original function returns.
int PASCAL FAR __WSAFDIsSet(SOCKET p,fd_set FAR *q)
{
    int is_set;

    SaveRecord("__WSAFDIsSet");
    is_set = __WSAFDIsSet1(p, q);
    return is_set;
}
unsigned long PASCAL inet_addr(const char FAR * cp)
{
unsigned long rc;
char disp[64];
rc = inet_addr1(cp);
wsprintf(disp,"inet_addr(%s)",cp);
SaveRecord(disp);
return rc;
//执行真正的处理