Intercept socket functions (windows)
Question
I have a programm, which load library test.dll, this library use ws2_32.dll to create socket and send/receive packets. I can inject my C++ library to this process, but dont know how to intecept test.dll calls of functions "socket", "accept" for example. Can anybody help me with this matter? Thanks!
Solution
You need to Hook the accept function. You can do this by using libraries e.g. MS Detours (earlier Versions are free you could use Version 1.5, just google it). Call
DWORD a=DetourFindFunction("Ws2_32.dll","accept")
it will give you the Pointer to the accept function. Then you can detour it by calling
DetourFunction(a,&Yourfunction)
.
DetourFunction returns the new Pointer to "accept", so make sure to call it at the end of "YourFunction" to make sure the programm does not crash.
Alternatively you can redirect the function by yourself by using Inlineassembler. This is far more complicated of course.