cgrunwald

Untitled

Oct 21st, 2010
  1. #undef UNICODE
  2. #include <cstdio>
  3. #include <Winsock2.h>
  4. #include <ws2tcpip.h>
  5. #include <windows.h>
  6. #include <detours\detours.h> //*IMPORTANT: Look at path if compiler error
  7. #include <string>
  8. #include <iostream>
  9. #include <sstream>
  10. using namespace std;
  11.  
  // Hook plumbing for the four intercepted Winsock calls.
  // Each p* pointer is initialised with the address of the real export and is
  // the pointer DllMain passes to DetourAttach/DetourDetach; the matching My*
  // function is the detour, which calls through the p* pointer.

  // send()
  int (WINAPI *pSend)(SOCKET s, const char* buf, int len, int flags) = send;
  int WINAPI MySend(SOCKET s, const char* buf, int len, int flags);

  // recv()
  int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv;
  int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags);

  // WSASend()
  int (WINAPI *pWSASend)(SOCKET socket,
                         LPWSABUF lpBuffers,
                         DWORD dwBufferCount,
                         LPDWORD lpNumberOfBytesSent,
                         DWORD dwFlags,
                         LPWSAOVERLAPPED lpOverlapped,
                         LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine) = WSASend;
  int WINAPI MyWSASend(SOCKET socket,
                       LPWSABUF lpBuffers,
                       DWORD dwBufferCount,
                       LPDWORD lpNumberOfBytesSent,
                       DWORD dwFlags,
                       LPWSAOVERLAPPED lpOverlapped,
                       LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);

  // WSARecv()
  int (WINAPI *pWSARecv)(SOCKET socket,
                         LPWSABUF lpBuffers,
                         DWORD dwBufferCount,
                         LPDWORD lpNumberOfBytesRecvd,
                         LPDWORD lpFlags,
                         LPWSAOVERLAPPED lpOverlapped,
                         LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine) = WSARecv;
  int WINAPI MyWSARecv(SOCKET socket,
                       LPWSABUF lpBuffers,
                       DWORD dwBufferCount,
                       LPDWORD lpNumberOfBytesRecvd,
                       LPDWORD lpFlags,
                       LPWSAOVERLAPPED lpOverlapped,
                       LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine);

  // Byte queue shared by the detours: MySend appends a notice to it and
  // MyWSARecv appends to it and consumes from the front.
  // NOTE(review): no lock guards this global anywhere in the file; if the host
  // process calls Winsock from more than one thread these accesses race.
  std::string rcvBuf;
  23.  
  // DLL entry point. On process attach it clears the shared queue, disables
  // per-thread notifications and installs the four Winsock detours, one Detours
  // transaction per hook; on process detach it removes them in the same order.
  // Thread attach/detach notifications are ignored. Always returns TRUE.
  INT APIENTRY DllMain(HMODULE hDLL, DWORD Reason, LPVOID Reserved)
  {
      // One row per intercepted export: the pointer Detours updates, the
      // replacement function, and the debug line emitted once the commit succeeds.
      struct Hook
      {
          PVOID*      target;
          PVOID       detour;
          const char* okMessage;
      };
      const Hook hooks[] =
      {
          { &(PVOID&)pSend,    reinterpret_cast<PVOID>(MySend),    "send() hooked successfully\n"    },
          { &(PVOID&)pWSASend, reinterpret_cast<PVOID>(MyWSASend), "WSASend() hooked successfully\n" },
          { &(PVOID&)pRecv,    reinterpret_cast<PVOID>(MyRecv),    "recv() hooked successfully\n"    },
          { &(PVOID&)pWSARecv, reinterpret_cast<PVOID>(MyWSARecv), "WSARecv() hooked successfully\n" },
      };
      const size_t hookCount = sizeof(hooks) / sizeof(hooks[0]);

      if (Reason == DLL_PROCESS_ATTACH)
      {
          rcvBuf.clear();
          DisableThreadLibraryCalls(hDLL);

          for (size_t i = 0; i < hookCount; ++i)
          {
              DetourTransactionBegin();
              DetourUpdateThread(GetCurrentThread());
              DetourAttach(hooks[i].target, hooks[i].detour);
              // Only a successful commit is reported; a failed one is silent.
              if (DetourTransactionCommit() == NO_ERROR)
                  OutputDebugString(hooks[i].okMessage);
          }
      }
      else if (Reason == DLL_PROCESS_DETACH)
      {
          for (size_t i = 0; i < hookCount; ++i)
          {
              DetourTransactionBegin();
              DetourUpdateThread(GetCurrentThread());
              DetourDetach(hooks[i].target, hooks[i].detour);
              DetourTransactionCommit();
          }
      }
      // DLL_THREAD_ATTACH / DLL_THREAD_DETACH: nothing to do.

      return TRUE;
  }
  77.  
  78.  
  79.  
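  // Detour for send(). Looks for the local command "SAY !test\n" in the outgoing
  // payload; when present, everything up to and including the first character
  // of the last occurrence is dropped, a notice line is appended to rcvBuf, and
  // the remainder is forwarded. Payloads without the command are forwarded
  // untouched. Returns whatever the real send() returns.
  //
  // The payload is handled as a (pointer, length) byte range. The earlier
  // version built a std::string from buf alone, which reads until the first NUL
  // byte: past the end of the caller's buffer when the data is not
  // NUL-terminated, and short of len when it contains an embedded NUL.
  int WINAPI MySend(SOCKET s, const char* buf, int len, int flags)
  {
      // Nothing to inspect: forward as-is and let the real send() report errors.
      if (buf == NULL || len <= 0)
          return pSend(s, buf, len, flags);

      const std::string trigger = "SAY !test\n";
      std::string payload(buf, static_cast<size_t>(len));  // exactly len bytes, never more

      if (payload.find(trigger) == std::string::npos)
          return pSend(s, buf, len, flags);

      // Repeatedly cut through the first character of each occurrence, so what
      // is left starts just after the leading 'S' of the last one.
      size_t pos;
      while ((pos = payload.find(trigger)) != std::string::npos)
          payload.erase(0, pos + 1);

      // NOTE(review): rcvBuf is a global with no lock visible in this file.
      rcvBuf.append("\nSAY 0; ^17This is an alert from ^23TBHook^17.\n");

      // payload outlives the call below, so its storage is valid for the send.
      // NOTE(review): the caller receives the count for the shortened payload,
      // not its original len; confirm the host tolerates that.
      return pSend(s, payload.data(), static_cast<int>(payload.length()), flags);
  }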
  99.  
  // Detour for recv(): a pure pass-through that forwards every argument to the
  // real recv() via pRecv and hands its result straight back.
  int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags)
  {
      return pRecv(s, buf, len, flags);
  }
  105.  
  // Detour for WSASend(): forwards all arguments unchanged to the real
  // WSASend() through pWSASend and returns its result; no inspection is done.
  int WINAPI MyWSASend(SOCKET socket, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesSent, DWORD dwFlags, LPWSAOVERLAPPED lpOverlapped, LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
  {
      const int result = pWSASend(socket, lpBuffers, dwBufferCount, lpNumberOfBytesSent,
                                  dwFlags, lpOverlapped, lpCompletionRoutine);
      return result;
  }
  112.  
  // Detour for WSARecv(). Calls the real WSARecv() through pWSARecv, appends the
  // first WSABUF's contents to the global rcvBuf, then repoints the caller's
  // first WSABUF at data taken from rcvBuf and logs what remains queued.
  // Returns the real WSARecv() result unchanged.
  //
  // NOTE(review): as written this function has several memory-safety hazards
  // for the host process; they are marked on the lines below.
  113. int WINAPI MyWSARecv(SOCKET socket, LPWSABUF lpBuffers, DWORD dwBufferCount, LPDWORD lpNumberOfBytesRecvd, LPDWORD lpFlags,LPWSAOVERLAPPED lpOverlapped, LPWSAOVERLAPPED_COMPLETION_ROUTINE lpCompletionRoutine)
  114. {
  115.     int ret = pWSARecv(socket, lpBuffers, dwBufferCount, lpNumberOfBytesRecvd, lpFlags, lpOverlapped, lpCompletionRoutine);
  // NOTE(review): append(const char*) reads up to the first NUL byte. Neither
  // ret nor *lpNumberOfBytesRecvd is consulted, so this can read past the bytes
  // actually received (or read a buffer the call never filled when ret signals
  // an error or a pending overlapped operation). lpBuffers is dereferenced
  // without a NULL check, and only the first of dwBufferCount buffers is read.
  116.     rcvBuf.append(lpBuffers->buf);
  117.     if(!rcvBuf.empty()) {
  // NOTE(review): a single char is allocated on every call and never freed in
  // this function. The caller's WSABUF is repointed at that one-byte allocation
  // while lpBuffers->len and *lpNumberOfBytesRecvd are left as the real call
  // set them, so a caller reading through lpBuffers->buf would run past it.
  118.         char * a = new char;
  119.         *a = rcvBuf[0];
  120.         lpBuffers->buf = a;
  // Drop the byte that was just handed out from the front of the queue.
  121.         rcvBuf.erase(0,1);
  122.     } else {
  // NOTE(review): this exposes the global string's internal storage (constness
  // cast away) to the caller; the pointer is invalidated by any later change to
  // rcvBuf. lpNumberOfBytesRecvd is dereferenced without a NULL check, and it
  // may be NULL for overlapped calls.
  123.         lpBuffers->buf = (char *)rcvBuf.c_str();
  124.         *lpNumberOfBytesRecvd = 0;
  125.     }
  // Emit whatever is still queued to the debugger output.
  126.     OutputDebugString(rcvBuf.c_str());
  127.     return ret;
  128. }