So I have WSASend detoured, and of course can call it to have everything work normally, but some packets (after I analyze them) I want to prevent from being sent, so I can't call the original function. The calling code seems to know something's gone awry no matter what I return.
WSASend is supposed to return 0 when everything went ok. The ironic thing is if I simply return 0 when attempting to block, the calling code seems to be waiting for something, makeing all connections delay and finally close.
code:
int WINAPI myWSASend(SOCKET s, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesSent, DWORD dwFlags, LPWSAOVERLAPPED lpOverlapped, LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
{
if(lpBuffers->buf[2] == 0x66 && lpBuffers->buf[3] == 0x78)
{
FILE *fp = fopen("party_sploit.txt", "a");
fprintf(fp, "0x7866 catched! len: %lu\n", lpBuffers->len);
for (unsigned int i = 0; i < lpBuffers->len-8; i = i + 8)
{
fprintf(fp,
"%02X %02X %02X %02X %02X %02X %02X %02X"
"\t\t%c %c %c %c %c %c %c %c\n",
static_cast<unsigned char>(lpBuffers->buf[i]),
static_cast<unsigned char>(lpBuffers->buf[i+1]),
static_cast<unsigned char>(lpBuffers->buf[i+2]),
static_cast<unsigned char>(lpBuffers->buf[i+3]),
static_cast<unsigned char>(lpBuffers->buf[i+4]),
static_cast<unsigned char>(lpBuffers->buf[i+5]),
static_cast<unsigned char>(lpBuffers->buf[i+6]),
static_cast<unsigned char>(lpBuffers->buf[i+7]),
(drawable(lpBuffers->buf[i])) ? static_cast<unsigned char>(lpBuffers->buf[i]) : '.',
(drawable(lpBuffers->buf[i+1])) ? static_cast<unsigned char>(lpBuffers->buf[i+1]) : '.',
(drawable(lpBuffers->buf[i+2])) ? static_cast<unsigned char>(lpBuffers->buf[i+2]) : '.',
(drawable(lpBuffers->buf[i+3])) ? static_cast<unsigned char>(lpBuffers->buf[i+3]) : '.',
(drawable(lpBuffers->buf[i+4])) ? static_cast<unsigned char>(lpBuffers->buf[i+4]) : '.',
(drawable(lpBuffers->buf[i+5])) ? static_cast<unsigned char>(lpBuffers->buf[i+5]) : '.',
(drawable(lpBuffers->buf[i+6])) ? static_cast<unsigned char>(lpBuffers->buf[i+6]) : '.',
(drawable(lpBuffers->buf[i+7])) ? static_cast<unsigned char>(lpBuffers->buf[i+7]) : '.'
);
}
fprintf(fp, "\n-------------------------------------------------------------------\n");
fclose(fp);
if(lpBuffers->len < 26)
{
lpNumberOfBytesSent = (LPDWORD)lpBuffers->len;
return 0;
}
else
{
return (oWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine);
}
}
else
{
//No filtered packet recieved, proceed
return (oWSASend)(s, lpBuffers, dwBufferCount, lpNumberOfBytesSent, dwFlags, lpOverlapped, lpCompletionRoutine);
}
}
the answere is actually quite simple ... i forgot to dereference the lpNumberOfBytesSent pointer, i also added an if-not-null for security reasons