Text only | Text with Images

Valhalla Legends Archive

Programming => General Programming => Visual Basic Programming => Topic started by: Fr0z3N on February 05, 2006, 05:14 PM

Title: [VB6] Memory hooking to view packets?
Post by: Fr0z3N on February 05, 2006, 05:14 PM
Not sure what to call it, but what I wanna do is hook into the d2 memory (if I'm even correct here) and view the incoming packets IE. too see if you get hostiled or to see if someones dies etc.  I have no idea where to start so help would be nice.  ;D
Title: Re: [VB6] Memory hooking to view packets?
Post by: topaz on February 05, 2006, 07:12 PM
Ethereal
Title: Re: [VB6] Memory hooking to view packets?
Post by: Fr0z3N on February 05, 2006, 08:24 PM
I wanna do it IN my program.
Title: Re: [VB6] Memory hooking to view packets?
Post by: Joe[x86] on February 05, 2006, 08:48 PM
Reference WinPcap.

EDIT -
Alright, I'll admit, that was way to vague.

WinPcap stands for Windows packet capture library, and it's what's in the background of Ethereal. I've never used it before (as a developer, as an actual user I have, of course), but I asume it'd work something like the Winsock API's, where it fires a callback routine when an event happens. You seem to have gotten those to work fine, so I don't think you'll have much trouble getting WinPcap to work.

A little reminder, though: WinPcap returns the entire packet, not the TCP body. First, you'll need to check if it's even TCP, then see if it's being recieved, then see if the checksum is correct (not required), then see if it's on port 6112. The TCP header is 0x36 bytes long.
Title: Re: [VB6] Memory hooking to view packets?
Post by: MyndFyre on February 06, 2006, 10:36 AM
Quote from: Joe on February 05, 2006, 08:48 PM
Reference WinPcap.

http://www.winpcap.org/misc/faq.htm#Q-9

QuoteQ-9: Can I use WinPcap with Visual Basic?

A: We don't support Visual Basic and we are not able to provide help on this subject because we don't know enough about it. BeeSync has developed an ActiveX control that integrates winpcap packet capture functionality with Visual Basic or any other programming environment supporting Microsoft ActiveX technology. You can find it at http://www.beesync.com/products.html.
Title: Re: [VB6] Memory hooking to view packets?
Post by: Fr0z3N on February 06, 2006, 05:31 PM
So thats a yes or no with that? If no, any other ideas?
Title: Re: [VB6] Memory hooking to view packets?
Post by: Joe[x86] on February 06, 2006, 11:09 PM
That's a "yes but we won't tell you how".
Title: Re: [VB6] Memory hooking to view packets?
Post by: Joe[x86] on February 06, 2006, 11:51 PM
Joe + 45 minutes of boredom + IDE = This (http://www.javaop.com/uploads/guest/VB_BNCSMON.zip)
Title: Re: [VB6] Memory hooking to view packets?
Post by: UserLoser on February 07, 2006, 12:21 AM
Quote from: Joe on February 06, 2006, 11:51 PM
Joe + 45 minutes of boredom + IDE = This (http://www.javaop.com/uploads/guest/VB_BNCSMON.zip)

Code Select

'---------------------------------------------------------------------------------------
' Procedure : RemoveVoid
' Author    : Joe[e2]
' Purpose   : Remove a VOID, of specified length.
'---------------------------------------------------------------------------------------

Public Function RemoveVoid(Length As Integer)
    Buffer = Mid(Buffer, Length + 1)
    RemoveVoid = Mid(Buffer, 1, Length)
End Function


That's funny.
Title: Re: [VB6] Memory hooking to view packets?
Post by: UserLoser on February 07, 2006, 03:09 PM
Just the term and function name - "Remove a void"
Title: Re: [VB6] Memory hooking to view packets?
Post by: Fr0z3N on February 13, 2006, 07:13 PM
Quote from: Joe on February 06, 2006, 11:51 PM
Joe + 45 minutes of boredom + IDE = This (http://www.javaop.com/uploads/guest/VB_BNCSMON.zip)

After much work trying to get that to work, I have come to one thing I cannot seem to figure out.

Code Select

Private Sub objPacketX_OnPacket(ByVal pPacket As PacketXLibCtl.IPktXPacket)
    If pPacket.Protocol = PktXProtocolTypeTCP Then
        If pPacket.SourcePort = 6112 Then
            Call modProtocol.Parse_Server(pPacket.Data)
        End If
        If pPacket.DestPort = 6112 Then
            Call modProtocol.Parse_Client(pPacket.Data)
        End If
    End If


Both these lines are being highlighted with Type Mismatch

Code Select

            Call modProtocol.Parse_Server(pPacket.Data)

            Call modProtocol.Parse_Client(pPacket.Data)


When I switch them to .DataArray all I am seeing is Sent 0x3F, Received 0x3F over and over. But for some reason they are not working with just .Data
Title: Re: [VB6] Memory hooking to view packets?
Post by: LivedKrad on February 16, 2006, 09:36 PM
Quote from: Fr0z3N on February 13, 2006, 07:13 PM
Quote from: Joe on February 06, 2006, 11:51 PM
Joe + 45 minutes of boredom + IDE = This (http://www.javaop.com/uploads/guest/VB_BNCSMON.zip)

After much work trying to get that to work, I have come to one thing I cannot seem to figure out.

Code Select

Private Sub objPacketX_OnPacket(ByVal pPacket As PacketXLibCtl.IPktXPacket)
    If pPacket.Protocol = PktXProtocolTypeTCP Then
        If pPacket.SourcePort = 6112 Then
            Call modProtocol.Parse_Server(pPacket.Data)
        End If
        If pPacket.DestPort = 6112 Then
            Call modProtocol.Parse_Client(pPacket.Data)
        End If
    End If


Both these lines are being highlighted with Type Mismatch

Code Select

            Call modProtocol.Parse_Server(pPacket.Data)

            Call modProtocol.Parse_Client(pPacket.Data)


When I switch them to .DataArray all I am seeing is Sent 0x3F, Received 0x3F over and over. But for some reason they are not working with just .Data

.DataArray is a byte array containing each byte in the message. So if Joe's function is supposed to read some sort of Variant data (which .Data is) then passing an array won't do any good as I think it will only read the first byte. (Not sure, did not download the source).
Text only | Text with Images