WriteProcessMemory(ProcessHandle, AddRecv, @OldProc[1], 8, dwSize);
Result := OldRecv(S, Buf, len, flags); //截断封包
if (Result > 256) then
Result := 256;
//丢弃封包该怎么做?
//result = 0; ??? -1 ???? JmpCode.Address := @MyRecv;
WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize);嗯,核心就是想实现丢弃封包。result给-1好像会导致socket通信over了
Result := OldRecv(S, Buf, len, flags); //截断封包
if (Result > 256) then
Result := 256;
//丢弃封包该怎么做?
//result = 0; ??? -1 ???? JmpCode.Address := @MyRecv;
WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize);嗯,核心就是想实现丢弃封包。result给-1好像会导致socket通信over了
http://www.cnblogs.com/bits/archive/2009/03/01/Ring3_Hook-NtDeviceIoControl.html
不知道有没有好的办法,网络方面我还是比较烂的……等待大牛
另外有一办法肯定可行:
调用一次
Result := OldRecv(S, Buf, len, flags);
麻烦详细说说,行吗?在线等,谢谢
如果是,我就丢弃(比方1024个字节的0)//ADDRECV
ReadProcessMemory(ProcessHandle, AddRecv, @OldProc[1], 8, dwSize);
JmpCode.Address := @MyRecv;
WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize); //修改Recv入口//MyRecv
WriteProcessMemory(ProcessHandle, AddRecv, @OldProc[1], 8, dwSize);
Result := OldRecv(S, Buf, len, flags); //截断封包
if (Result > 256) then
Result := 256;
//丢弃封包该怎么做? 希望丢弃封包,但是保持连接
//result = 0; ??? -1 ???? JmpCode.Address := @MyRecv;
WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize);
WriteProcessMemory(ProcessHandle, AddRecv, @OldProc[1], 8, dwSize);repeat
Result := OldRecv(S, Buf, len, flags);
until Result<256 ; JmpCode.Address := @MyRecv;
WriteProcessMemory(ProcessHandle, AddRecv, @JmpCode, 8, dwSize);
这样应该是可以的了,把>256的包丢了。
但你这个办法不是很好的。如果快速地发几个小包也会粘在一起成大包。