Re: How to hook the winsock API "recv" and parse its packet?
Code:
Public Const AF_INET = 2
Public Const INVALID_SOCKET = -1
Public Const SOCKET_ERROR = -1
Public Const FD_READ = &H1&
Public Const FD_WRITE = &H2&
Public Const FD_CONNECT = &H10&
Public Const FD_CLOSE = &H20&
Public Const PF_INET = 2
Public Const SOCK_STREAM = 1
Public Const IPPROTO_TCP = 6
Public Const WINSOCKMSG = 1025
Public Const WSA_DESCRIPTIONLEN = 256
Public Const WSA_DescriptionSize = WSA_DESCRIPTIONLEN + 1
Public Const WSA_SYS_STATUS_LEN = 128
Public Const WSA_SysStatusSize = WSA_SYS_STATUS_LEN + 1
Public Const INADDR_NONE = &HFFFF
Public Const SOL_SOCKET = &HFFFF&
Public Const SO_LINGER = &H80&
Public Const hostent_size = 16
Public Const sockaddr_size = 16
Declare Function setsockopt Lib "wsock32.dll" (ByVal s As Long, ByVal Level As Long, ByVal optname As Long, optval As Any, ByVal optlen As Long) As Long
Declare Function getsockopt Lib "wsock32.dll" (ByVal s As Long, ByVal Level As Long, ByVal optname As Long, optval As Any, optlen As Long) As Long
Declare Function WSAGetLastError Lib "wsock32.dll" () As Long
Declare Function WSAIsBlocking Lib "wsock32.dll" () As Long
Declare Function WSACleanup Lib "wsock32.dll" () As Long
Declare Function Send Lib "wsock32.dll" Alias "send" (ByVal s As Long, buf As Any, ByVal buflen As Long, ByVal flags As Long) As Long
Declare Function recv Lib "wsock32.dll" (ByVal s As Long, buf As Any, ByVal buflen As Long, ByVal flags As Long) As Long
Declare Function WSAStartup Lib "wsock32.dll" (ByVal wVR As Long, lpWSAD As WSADataType) As Long
Declare Function htons Lib "wsock32.dll" (ByVal hostshort As Long) As Integer
Declare Function ntohs Lib "wsock32.dll" (ByVal netshort As Long) As Integer
Declare Function socket Lib "wsock32.dll" (ByVal af As Long, ByVal s_type As Long, ByVal protocol As Long) As Long
Declare Function closesocket Lib "wsock32.dll" (ByVal s As Long) As Long
Declare Function Connect Lib "wsock32.dll" Alias "connect" (ByVal s As Long, addr As sockaddr, ByVal namelen As Long) As Long
Declare Function WSAAsyncSelect Lib "wsock32.dll" (ByVal s As Long, ByVal Hwnd As Long, ByVal wMsg As Long, ByVal lEvent As Long) As Long
Declare Function inet_addr Lib "wsock32.dll" (ByVal cp As String) As Long
Declare Function gethostbyname Lib "wsock32.dll" (ByVal host_name As String) As Long
Declare Function inet_ntoa Lib "wsock32.dll" (ByVal inn As Long) As Long
Declare Function WSACancelBlockingCall Lib "wsock32.dll" () As Long
Public saZero As sockaddr
Public WSAStartedUp As Boolean, Obj As TextBox
Public PrevProc As Long, lSocket As Long
'our Winsock-message handler
Public Sub ProcessMessage(ByVal lFromSocket As Long, ByVal lParam As Long)
Dim X As Long, ReadBuffer(1 To 1024) As Byte, strCommand As String
Select Case lParam
Case FD_CONNECT 'we are connected to microsoft.com
Case FD_WRITE 'we can write to our connection
'this is a part of the HTTP protocol
'for more information about this protocol, visit http://www.w3c.org/
strCommand = "GET http://www.microsoft.com/ HTTP/1.0" + vbCrLf
strCommand = strCommand + "Pragma: no-cache" + vbCrLf
strCommand = strCommand + "Accept: */*" + vbCrLf
strCommand = strCommand + "Accept: text/html" + vbCrLf + vbCrLf
'send the data to our microsoft.com-connection
SendData lFromSocket, strCommand
Case FD_READ 'we have data waiting to be processed
'start reading the data
Do
X = recv(lFromSocket, ReadBuffer(1), 1024, 0)
If X > 0 Then
Obj.Text = Obj.Text + Left$(StrConv(ReadBuffer, vbUnicode), X)
End If
If X <> 1024 Then Exit Do
Loop
Case FD_CLOSE 'the connection with microsoft.com is closed
End Select
End Sub
Public Sub HookForm(F As Form)
PrevProc = SetWindowLong(F.hwnd, GWL_WNDPROC, AddressOf WindowProc)
End Sub
Public Sub UnHookForm(F As Form)
If PrevProc <> 0 Then
SetWindowLong F.hwnd, GWL_WNDPROC, PrevProc
PrevProc = 0
End If
End Sub
Public Function WindowProc(ByVal hwnd As Long, ByVal uMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As Long
If uMsg = WINSOCKMSG Then
ProcessMessage wParam, lParam
Else
WindowProc = CallWindowProc(PrevProc, hwnd, uMsg, wParam, lParam)
End If
End Function
Last edited by whatsup; May 24th, 2010 at 05:11 PM.
Re: How to hook the winsock API "recv" and parse its packet?
Many thanks for your reply. could you tell me what controle i need in my form to run this example. Furthermore , could you tell me how i can connect to an external application process intead of remote website ?
Re: How to hook the winsock API "recv" and parse its packet?
I try to explain it. There is this external application that i don't have its source code. That application communicates with its server via winsock API and recive some data back from server. So what i want to do hook to the process of that applicaton and read the data that it recives from server and parse it. I don't have any experienc with hook so i came for help here.
Re: How to hook the winsock API "recv" and parse its packet?
Many Thanks. I will be waiting for that example as i realy need to learn how to hook to another applications since i need to write few application involving another application.
Re: How to hook the winsock API "recv" and parse its packet?
Originally Posted by tony007
I try to explain it. There is this external application that i don't have its source code. That application communicates with its server via winsock API and recive some data back from server. So what i want to do hook to the process of that applicaton and read the data that it recives from server and parse it. I don't have any experienc with hook so i came for help here.
First, you do not read packets at the level you are programming at. Packets are read by the network applications and they in turn send only the data (not the network protocols) to the higher level application using Winsock; like your application.
Do you have the other applications on your computer? Are they, in essence, your applications. If they are not yours and they reside on another computer then no one here is going to help you do that. That would be considered spying. Even if they are yours (ie, you just don't have the source code) and even at that I don't think you can accompolish that using Winsock. Basically, you would have to be able to listen in on the same port that the other two applications are using. You cannot have two applications running trying to listen on the same port number. What you are attempting to make is a packet sniffer and that requires knowledge way down below code laying underneath Winsock; down at the network level.
Last edited by jmsrickland; May 22nd, 2011 at 04:30 PM.
Anything I post is an example only and is not intended to be the only solution, the total solution nor the final solution to your request nor do I claim that it is. If you find it useful then it is entirely up to you to make whatever changes necessary you feel are adequate for your purposes.
Re: How to hook the winsock API "recv" and parse its packet?
It is not my application but it is running on my own computer . I am just trying to customize the user interface of the application to suite my needs! There are application that do what i want but i want parse the incoming data and ignore the unnecessary data plus make new user interface !
Re: How to hook the winsock API "recv" and parse its packet?
So is the application that runs on your computer communicating with a server also on your computer or is the server somewhere else?
Usually, in this type of situation, members are asking how to read the HTTP protocol going on between an application on the user's machine and a Website so as to know how the client is sending requests to a Web server and see how the server responds. For this, you need to write your own packet sniffer even if it isn't a Web server but just another application running somewhere else.
However, even if you can intervene, you cannot change the data and then send the modified data on to the other application. By the time you get the information that is going on between the two applications it has already been transmitted. You can only look.
Last edited by jmsrickland; May 23rd, 2011 at 01:40 PM.
Anything I post is an example only and is not intended to be the only solution, the total solution nor the final solution to your request nor do I claim that it is. If you find it useful then it is entirely up to you to make whatever changes necessary you feel are adequate for your purposes.