Log all stub DLL calls in winsock_calls.txt if enabled in the registry.
parent
c40022a6af
commit
f2ca6e3028
80
mkstubs.pl
80
mkstubs.pl
@ -1,5 +1,5 @@
|
||||
# ipxwrapper - Create stub functions from headers
|
||||
# Copyright (C) 2008 Daniel Collins <solemnwarning@solemnwarning.net>
|
||||
# IPXWrapper - Generate assembly stub functions
|
||||
# Copyright (C) 2008-2011 Daniel Collins <solemnwarning@solemnwarning.net>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License version 2 as published by
|
||||
@ -32,45 +32,71 @@ foreach my $line(<STUBS>) {
|
||||
}
|
||||
}
|
||||
|
||||
print CODE "section .rdata:\n";
|
||||
|
||||
if(@ARGV == 3) {
|
||||
print CODE "section .rdata:\n";
|
||||
print CODE "\tglobal\t_dllname\n";
|
||||
print CODE "\tdllname_s:\tdb\t'wsock32.dll'\n";
|
||||
print CODE "\t_dllname:\tdd\tdllname_s\n\n";
|
||||
print CODE "\t_dllname:\tdd\tdllname_s\n";
|
||||
}
|
||||
|
||||
print CODE "section .data\n";
|
||||
|
||||
for($n = 0; $n < @stubs; $n++) {
|
||||
my $func = $stubs[$n];
|
||||
$func =~ s/^r_//;
|
||||
foreach my $func(@stubs) {
|
||||
my $real_func = $func;
|
||||
$real_func =~ s/^r_//;
|
||||
|
||||
print CODE "\tname$n:\tdb\t'$func', 0\n";
|
||||
print CODE "\taddr$n:\tdd\t0\n";
|
||||
print CODE "\t$func\_sym:\tdb\t'$real_func', 0\n";
|
||||
}
|
||||
|
||||
print CODE "\nsection .data\n";
|
||||
|
||||
if(@ARGV == 3) {
|
||||
print CODE "\textern\t_call_log\n";
|
||||
}
|
||||
|
||||
foreach my $func(@stubs) {
|
||||
print CODE "\t$func\_addr:\tdd\t0\n";
|
||||
}
|
||||
|
||||
print CODE "\nsection .text\n";
|
||||
print CODE "\textern\t_find_sym\n";
|
||||
#print CODE "\textern\t_log_call\n";
|
||||
|
||||
for($n = 0; $n < @stubs; $n++) {
|
||||
my $func = $stubs[$n];
|
||||
print CODE "\tglobal\t_$func\n";
|
||||
if(@ARGV == 3) {
|
||||
print CODE "\textern\t_fputs\n";
|
||||
print CODE "\textern\t_fputc\n";
|
||||
}
|
||||
|
||||
for($n = 0; $n < @stubs; $n++) {
|
||||
my $func = $stubs[$n];
|
||||
|
||||
print CODE "\n_$func:\n";
|
||||
#print CODE "\tpush\tname$n\n";
|
||||
#print CODE "\tcall\t_log_call\n";
|
||||
print CODE "\tcmp\tdword [addr$n], 0\n";
|
||||
print CODE "\tjne\tjmp$n\n";
|
||||
print CODE "\tpush\tname$n\n";
|
||||
foreach my $func(@stubs) {
|
||||
print CODE "\nglobal\t_$func\n";
|
||||
print CODE "_$func:\n";
|
||||
|
||||
if(@ARGV == 3) {
|
||||
print CODE "\tcmp\tdword [dword _call_log], 0\n";
|
||||
print CODE "\tje\t$func\_nolog\n";
|
||||
|
||||
# Write symbol name to log with fputs
|
||||
#
|
||||
print CODE "\tpush\tdword [dword _call_log]\n";
|
||||
print CODE "\tpush\t$func\_sym\n";
|
||||
print CODE "\tcall\t_fputs\n";
|
||||
print CODE "\tadd esp, 8\n";
|
||||
|
||||
# Write newline to log with fputc
|
||||
#
|
||||
print CODE "\tpush\tdword [dword _call_log]\n";
|
||||
print CODE "\tpush\tdword 0x0A\n";
|
||||
print CODE "\tcall\t_fputc\n";
|
||||
print CODE "\tadd esp, 8\n";
|
||||
|
||||
print CODE "\t$func\_nolog:\n";
|
||||
}
|
||||
|
||||
print CODE "\tcmp\tdword [$func\_addr], 0\n";
|
||||
print CODE "\tjne\t$func\_jmp\n";
|
||||
print CODE "\tpush\t$func\_sym\n";
|
||||
print CODE "\tcall\t_find_sym\n";
|
||||
print CODE "\tmov\t[addr$n], eax\n";
|
||||
print CODE "jmp$n:\n";
|
||||
print CODE "\tjmp\t[addr$n]\n";
|
||||
print CODE "\tmov\t[$func\_addr], eax\n";
|
||||
print CODE "\t$func\_jmp:\n";
|
||||
print CODE "\tjmp\t[$func\_addr]\n";
|
||||
}
|
||||
|
||||
close(CODE);
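Review bot: `dllname_s` is emitted as `db 'wsock32.dll'` with no terminating `, 0`, unlike the `$func\_sym` strings this generator writes, and the same commit starts passing `dllname` to `fprintf(call_log, "%s loaded\n", dllname)` in DllMain. The `%s` read only stops at the DLL name if the first byte of the `_dllname` pointer that follows happens to be zero, so the log line can pick up stray bytes from adjacent data. Emit the terminator explicitly: `print CODE "\tdllname_s:\tdb\t'wsock32.dll', 0\n";`. The rendering has lost the +/- markers, so that line may be unchanged context rather than new code; the fix applies either way. Separately, the `@ARGV == 3` test is repeated at each logging-related emit without a comment saying what the third argument selects, and the argument parsing is outside the visible hunks.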
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* ipxwrapper - Stub DLL functions
|
||||
* Copyright (C) 2008 Daniel Collins <solemnwarning@solemnwarning.net>
|
||||
/* IPXWrapper - Stub DLL functions
|
||||
* Copyright (C) 2008-2011 Daniel Collins <solemnwarning@solemnwarning.net>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License version 2 as published by
|
||||
@ -23,9 +23,7 @@ static HMODULE ipxdll = NULL;
|
||||
static HMODULE sysdll = NULL;
|
||||
extern char const *dllname;
|
||||
|
||||
#ifdef LOG_CALLS
|
||||
static FILE *call_log = NULL;
|
||||
#endif
|
||||
FILE *call_log = NULL;
|
||||
|
||||
void __stdcall *find_sym(char const *symbol);
|
||||
void debug(char const *fmt, ...);
|
||||
@ -49,9 +47,21 @@ static void load_dlls() {
|
||||
|
||||
BOOL WINAPI DllMain(HINSTANCE me, DWORD why, LPVOID res) {
|
||||
if(why == DLL_PROCESS_ATTACH) {
|
||||
#ifdef LOG_CALLS
|
||||
call_log = fopen("calls.log", "a");
|
||||
#endif
|
||||
HKEY key;
|
||||
|
||||
if(RegOpenKeyEx(HKEY_CURRENT_USER, "Software\\IPXWrapper", 0, KEY_QUERY_VALUE, &key) == ERROR_SUCCESS) {
|
||||
DWORD size = 1;
|
||||
unsigned char log_calls;
|
||||
|
||||
if(RegQueryValueEx(key, "log_calls", NULL, NULL, (BYTE*)&log_calls, &size) == ERROR_SUCCESS && size == 1) {
|
||||
if(log_calls && (call_log = fopen("winsock_calls.log", "a"))) {
|
||||
setbuf(call_log, NULL);
|
||||
fprintf(call_log, "%s loaded\n", dllname);
|
||||
}
|
||||
}
|
||||
|
||||
RegCloseKey(key);
|
||||
}
|
||||
}
|
||||
|
||||
if(why == DLL_PROCESS_DETACH) {
|
||||
@ -65,10 +75,10 @@ BOOL WINAPI DllMain(HINSTANCE me, DWORD why, LPVOID res) {
|
||||
ipxdll = NULL;
|
||||
}
|
||||
|
||||
#ifdef LOG_CALLS
|
||||
fclose(call_log);
|
||||
call_log = NULL;
|
||||
#endif
|
||||
if(call_log) {
|
||||
fclose(call_log);
|
||||
call_log = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
@ -109,10 +119,3 @@ void debug(char const *fmt, ...) {
|
||||
real_debug("%s", msgbuf);
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef LOG_CALLS
|
||||
void __stdcall log_call(const char *sym) {
|
||||
fprintf(call_log, "%s\n", sym);
|
||||
fflush(call_log);
|
||||
}
|
||||
#endif
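Review bot: In DllMain's DLL_PROCESS_ATTACH branch the log is opened with a relative name, `fopen("winsock_calls.log", "a")`, so it is created in whatever the host process's working directory is at load time, and a failed open is silent. Building the path from a known directory, or at least documenting the location, would help, e.g. `/* Call log is appended to winsock_calls.log in the process's current directory; enabled by a 1-byte HKCU\Software\IPXWrapper\log_calls value. */`. `RegQueryValueEx` is given a NULL type pointer and a 1-byte buffer, so a `log_calls` value stored as REG_DWORD would fail the query and leave logging off without any message. The commit title names winsock_calls.txt while the code opens winsock_calls.log. Registry and CRT file calls made from DllMain run under the loader lock, so deferring this setup to first use (for example into load_dlls, whose body is outside the hunk) would be safer.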
|
||||
|