Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


[Delphi] Help on hooking "connect"

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
gVianna
How do I cheat?
Reputation: 0

Joined: 20 Aug 2010
Posts: 5
PostPosted: Fri Aug 20, 2010 1:38 pm    Post subject: [Delphi] Help on hooking "connect" Reply with quote
I'm trying to redirect the calls made to the "connect" function from ws2_32.dll hooking it and changing the IP and Port, but with no success. I found a similar topic here, but it's C, so I tried to convert it to Delphi.

I made my own API Hooking unit and it's working with other programs.

Code:
procedure write_to_log( s: string );
const log_path = 'ws_redir.log';
var logfile: TextFile;
begin
  AssignFile(logfile, ExtractFilePath(ParamStr(0)) + log_path);
  if FileExists(log_path) = false then
    Rewrite(logfile)
  else
    Append(logfile);
  Writeln(logfile, s);
  CloseFile(logfile);
end;


function my_connect( const s: TSocket; const name: PSockAddr; const namelen: Integer): Integer; stdcall;
var inName: TSockAddr;
    ip: String;
    port: u_short;
begin
  write_to_log('Connect executed.');
  CopyMemory(@inName, name, namelen);
  ip := inet_ntoa(inName.sin_addr);
  port := ntohs(inName.sin_port);
  write_to_log('Connected to ' + ip + ':' + IntToStr(port));

  if( inName.sin_addr.S_addr = inet_addr('XX.XXX.XXX.XX') ) then begin
    if( inName.sin_port = htons(44444) ) then begin
      inName.sin_family := af_inet;
      inName.sin_addr.S_addr := inet_addr('127.0.0.1');
      inName.sin_port := htons(44433);
      ip := inet_ntoa(inName.sin_addr);
      port := ntohs(inName.sin_port);
      write_to_log('Redirected to ' + ip + ':' + IntToStr(port));

      UnhookFunction(my_connect_info);
      Result := connect(s, @inName, SizeOf(inName));
      HookFunction(my_connect_info);
      write_to_log('Connected.');
    end else begin
      UnhookFunction(my_connect_info);
      Result := connect(s, name, namelen);
      HookFunction(my_connect_info);
      write_to_log('Wrong port.');
    end;
  end else begin
      UnhookFunction(my_connect_info);
      Result := connect(s, name, namelen);
      HookFunction(my_connect_info);
      write_to_log('Wrong ip.');
  end;
end;


When I inject the DLL on the process of the game, it "founds a problem and needs to be closed".

So i open the log file and it's content is:
Code:
Hook installed.
Connect executed.
Connect executed.


It's strange because it shouldn't say "Connect executed" twice without a "Connected to XX.XXX.XXX.XX:44444" in the middle of it.

Can anybody help me?

EDIT: I'm using Delphi 7 Enterprise with IdWinsock2 unit.
Back to top
View user's profile Send private message
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25833
Location: The netherlands
PostPosted: Fri Aug 20, 2010 3:49 pm    Post subject: Reply with quote
here's a debug tip:
Code:

function my_connect( const s: TSocket; const name: PSockAddr; const namelen: Integer): Integer; stdcall;
var inName: TSockAddr;
    ip: String;
    port: u_short;
begin
  try
  write_to_log('Connect executed.');
  CopyMemory(@inName, name, namelen);
  ip := inet_ntoa(inName.sin_addr);
  port := ntohs(inName.sin_port);
  write_to_log('Connected to ' + ip + ':' + IntToStr(port));

  if( inName.sin_addr.S_addr = inet_addr('XX.XXX.XXX.XX') ) then begin
    if( inName.sin_port = htons(44444) ) then begin
      inName.sin_family := af_inet;
      inName.sin_addr.S_addr := inet_addr('127.0.0.1');
      inName.sin_port := htons(44433);
      ip := inet_ntoa(inName.sin_addr);
      port := ntohs(inName.sin_port);
      write_to_log('Redirected to ' + ip + ':' + IntToStr(port));

      UnhookFunction(my_connect_info);
      Result := connect(s, @inName, SizeOf(inName));
      HookFunction(my_connect_info);
      write_to_log('Connected.');
    end else begin
      UnhookFunction(my_connect_info);
      Result := connect(s, name, namelen);
      HookFunction(my_connect_info);
      write_to_log('Wrong port.');
    end;
  end else begin
      UnhookFunction(my_connect_info);
      Result := connect(s, name, namelen);
      HookFunction(my_connect_info);
      write_to_log('Wrong ip.');
  end;
  except
     on e: exception do
       write_to_log('Something in my hook crashed: '+e.message);
  end;
end;


perhaps it's giving a bogus namelen ?, is -1 possible ? (never work with winsock myself)

slightly off-topic: one thing regarding this method of hooking: Make sure you don't hook functions that could be called by multiple threads at the same time
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Back to top
View user's profile Send private message MSN Messenger
gVianna
How do I cheat?
Reputation: 0

Joined: 20 Aug 2010
Posts: 5
PostPosted: Sat Aug 21, 2010 5:39 pm    Post subject: Reply with quote
Thanks to your help, I found the problem. I was calling inet_ntoa (which needs a space on the memory to write the IP to) without making a call to WSAStartup, so, in the DllMain procedure I added the following lines:

Code:

var WSAData: TWSAData;
begin
...
WSAStartup($0202, WSAData); //0202 means Version 2.2, the lastest one. It would be better debugging the game you are hacking to know the winsock version it starts up.
...
end;


Now I have a second problem. The game I'm cheating is a flash game with a stand-alone executable version. First of all, the executable loads up from the game server a pre-loader to the game, and this pre-loader downloads the game. The problem is:

Code:

Hook installed.
Connect executed.
Connected to 127.0.0.1:2453 //Dunno
Wrong ip.
Connect executed.
Connected to XXX.XXX.XXX.XXX:80 //HTTP Server, downloading the pre-loader
Wrong ip.


Now the game should open, but it don't, so i'm doing something wrong in the connect calls.

EDIT:
I alredy thought the problem could be on UnhookFunction so I made a "original_connect" function jumping 5 bytes after the hook and tried calling it, but no success.


EDIT2:
Problem solved!!
Code:

function my_connect( const s: TSocket; const name: PSockAddr; const namelen: Integer): Integer; stdcall;
var inName: PSockAddrIn;
begin
  inName := PSockAddrIn(name);
  if ( (inName.sin_port = htons(PortHere)) and (inName.sin_addr.S_addr = inet_addr('IP.Here') then begin
    inName.sin_addr.S_addr := inet_addr('127.0.0.1');
    inName.sin_port := htons(NewPortHere);
  end;
  Result := original_connect(s, name, namelen);
end;
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites