ivanvza · July 26, 2022 05:59
diff --git a/w2_32_hook.py b/w2_32_hook.py
 import sys
 import pefile
 import frida

 def on_message (message,data):
    print("[%s]-%s"%(message,data))

 def main(target_process):
    session=frida.attach(target_process) # console.log("sendcalledfrom:"+Thread.backtrace(this.context,Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join("\\n")+"");
    script=session.create_script("""
        var sendPtr = Module.findExportByName("ws2_32.dll","send");
        console.log('sendaddress:'+sendPtr.toString());
        console.log('Hookingws2_32!send');
        Interceptor.attach(sendPtr,{
            onEnter:function(args){
                console.log("buf:"+Memory.readCString(args[1]));
                console.log("len:"+Memory.readCString(args[2]));
        },
        onLeave:function (retval){
        }
    });
    """)
    script.on('message',on_message)
    script.load()
    raw_input('\n\n')
    session.detach()
    
 if __name__ == '__main__':
    target_process = '<someexe.exe>'
    foo = unicode(target_process)
    main(str(foo))
	import sys
	import pefile
	import frida

	def on_message (message,data):
	print("[%s]-%s"%(message,data))

	def main(target_process):
	session=frida.attach(target_process) # console.log("sendcalledfrom:"+Thread.backtrace(this.context,Backtracer.ACCURATE).map(DebugSymbol.fromAddress).join("\\n")+"");
	script=session.create_script("""
	var sendPtr = Module.findExportByName("ws2_32.dll","send");
	console.log('sendaddress:'+sendPtr.toString());
	console.log('Hookingws2_32!send');
	Interceptor.attach(sendPtr,{
	onEnter:function(args){
	console.log("buf:"+Memory.readCString(args[1]));
	console.log("len:"+Memory.readCString(args[2]));
	},
	onLeave:function (retval){
	}
	});
	""")
	script.on('message',on_message)
	script.load()
	raw_input('\n\n')
	session.detach()

	if __name__ == '__main__':
	target_process = '<someexe.exe>'
	foo = unicode(target_process)
	main(str(foo))