DEVHIDE
Login Or Sign up

Blocking packets in detoured WSASend

261 Views Asked by At

So I have WSASend detoured, and of course can call it to have everything work normally, but some packets (after I analyze them) I want to prevent from being sent, so I can't call the original function. The calling code seems to know something's gone awry no matter what I return.

WSASend is supposed to return 0 when everything went ok. The ironic thing is if I simply return 0 when attempting to block, the calling code seems to be waiting for something, makeing all connections delay and finally close.

code:

int WINAPI myWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesSent, DWORD dwFlags, LPWSAOVERLAPPED lpOverlapped, LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
    if(lpBuffers->buf[2] == 0x66 && lpBuffers->buf[3] == 0x78)
    {
        FILE *fp = fopen("party_sploit.txt", "a");
        fprintf(fp, "0x7866 catched! len: %lu\n", lpBuffers->len);
        for (unsigned int i = 0; i < lpBuffers->len-8; i = i + 8)
        {
            fprintf(fp,
                "%02X %02X %02X %02X %02X %02X %02X %02X"
                  "\t\t%c %c %c %c %c %c %c %c\n",

                static_cast<unsigned char>(lpBuffers->buf[i]),
                static_cast<unsigned char>(lpBuffers->buf[i+1]),
                static_cast<unsigned char>(lpBuffers->buf[i+2]),
                static_cast<unsigned char>(lpBuffers->buf[i+3]),
                static_cast<unsigned char>(lpBuffers->buf[i+4]),
                static_cast<unsigned char>(lpBuffers->buf[i+5]),
                static_cast<unsigned char>(lpBuffers->buf[i+6]),
                static_cast<unsigned char>(lpBuffers->buf[i+7]),
                (drawable(lpBuffers->buf[i]))   ? static_cast<unsigned char>(lpBuffers->buf[i])   : '.',
                (drawable(lpBuffers->buf[i+1])) ? static_cast<unsigned char>(lpBuffers->buf[i+1]) : '.',
                (drawable(lpBuffers->buf[i+2])) ? static_cast<unsigned char>(lpBuffers->buf[i+2]) : '.',
                (drawable(lpBuffers->buf[i+3])) ? static_cast<unsigned char>(lpBuffers->buf[i+3]) : '.',
                (drawable(lpBuffers->buf[i+4])) ? static_cast<unsigned char>(lpBuffers->buf[i+4]) : '.',
                (drawable(lpBuffers->buf[i+5])) ? static_cast<unsigned char>(lpBuffers->buf[i+5]) : '.',
                (drawable(lpBuffers->buf[i+6])) ? static_cast<unsigned char>(lpBuffers->buf[i+6]) : '.',
                (drawable(lpBuffers->buf[i+7])) ? static_cast<unsigned char>(lpBuffers->buf[i+7]) : '.'
            );
        }
        fprintf(fp, "\n-------------------------------------------------------------------\n");
        fclose(fp);
        if(lpBuffers->len < 26)
        {
            lpNumberOfBytesSent = (LPDWORD)lpBuffers->len;
            return 0;
        }
        else
        {
            return (oWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine);
        }
    }
    else
    {
        //No filtered packet recieved, proceed
        return (oWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine);
    }
}
blocking packets detours
Original Q&A
1

There are 1 best solutions below

0
On

the answere is actually quite simple ... i forgot to dereference the lpNumberOfBytesSent pointer, i also added an if-not-null for security reasons

if(lpBuffers->len != NULL && lpBuffers->len < 26)
{
    *lpNumberOfBytesSent = lpBuffers->len;
    return 0;
}
else
{
    return (oWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine);
}

Related Questions in BLOCKING

Related Questions in PACKETS

Related Questions in DETOURS

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.