Jump to content
  • Advertisement
Sign in to follow this  

API Hooking.

This topic is 4622 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello everyone, I have a question about API Hooking on ventrilo( www.ventrilo.com ) That im want to do is this: 1. Hook the API Function that handle the "when a user connect" msg.¨ 2. I want to make a popup with the user name that just connected. I hope anyone understand what Im trying to do and can help me with this and can point me somewere. Thanks all.

Share this post

Link to post
Share on other sites
Well here is how I started:

First I get the ( HANDLE ) to the process:

HANDLE pProcess;

int FindProcess( char *pProcessName )
int count=0;
HANDLE hSnapShot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);

if(Process32First(hSnapShot, &ppe))
while(Process32Next(hSnapShot, &ppe) && count<MAX_PROCESS-1)
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS,FALSE, ppe.th32ProcessID );

pProcess = hProcess;
//hProcess[count].PID = ppe.th32ProcessID;

return count;


FindProcess( "Ventrilo.exe" );

then I read the memory using the ReadProcessMemory command.

Address: A18E30 == Ping in ventrilo 2.1.0

int pPing=0;

ReadProcessMemory( pProcess, (LPVOID)0xA18E30, &pPing, sizeof( pPing ), NULL);

printf( "Ping: %i\n", pPing );


Well that I dont know is how to access the functions to see if someone connects
and then copy his name and display it.

Come on someone point me somewere :]


Share this post

Link to post
Share on other sites
there are many ways to hook the WINSOCK apis.

1. you can make a dll injection which basicly inject a dll to any process and by that inject jmp instruction to your dll hook function. this basicly called trampolin function (jumping to your function and return back).

2. there is allways a possiblity to do a dispatch hooking or write a TDI kernel driver , I believe this is not one of your ideas incase you are up for a game.

3. I believe this will be the best way for you to do it, (remember, I do have no clue why are you trying to hook) search for google for "LSP". LSP is a service provider that basicly is part of the chain between the a winsock user (a user-application that try to establish a connection via winsock) and the TCP-IP stack. by writing a LSP provider you can basicly "hook" to every process that using winsock and legaily recieve every winsock call before the TCP stack.

in case you are still up for api hooking which I am aginst in commercial products you better look for "detours" on microsoft research home page ,"detour" is a hook api kit made by microsoft research guys which basicly hook by dll-injection. the idea for this product is to instrument an application performance.

hope somthing will be helpfull from this reply.

Share this post

Link to post
Share on other sites
Sign in to follow this  

  • Advertisement

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!