I had a quick read through one of the documents discussing various sniffing techniques. All the techniques for detecting a NIC in promiscuous mode had one thing in common ...
They all had to send...
Type: Posts; User: maggotboy
I had a quick read through one of the documents discussing various sniffing techniques. All the techniques for detecting a NIC in promiscuous mode had one thing in common ...
They all had to send...
Mutexes are used to restrict access by multiple threads to a single resource. Mutexes are mutual-exclusive locks. If one thread owns the lock, then another thread must wait until the lock is...
I've been pretty busy lately, and haven't really had much time to spend on the boards. I must say I was rather taken aback by the massive response to the sniffer code! I wish I had more free time...
20,000 users being banned would undoubtedly generate several more thousand players quitting in protest, followed by untold thousands of people who would've signed up but decided not to after the...
I'm back from the Thanksgiving holidays, so I'm getting caught up on the threads and will be posting ASAP.
Maggotboy
Blackjack -- these warnings are nothing to worry about. They stem from a compiler option you forgot to turn off called "Check for 64-bit compatibility" or somesuch thing. It simply alerts you to...
Wolf208 -- are you sure you're not doing what many have done, and calling the HookProc from RUNDLL32 instead of InstallHook?
Maggotboy
I'll install the DDK from my MSDN Universal subscription and have a look at the samples. Ideally, I'd like to start a timer in kernel mode to read the memory location, which would allow the original...
Lets have a look at it!
Maggotboy
When you renamed the InstallHook, HookProc and ReleaseHook functions, did you call HookProc "pcpnote" ? If so, this would cause your crash -- you must use InstallHook in the RUNDLL32 cmdline (or the...
I think my V1 sniffer code was my 4th or 5th post to the board :)
This is telling ... it tells me your calling rundll32.exe test2.dll,HookProc instead of rundll32.exe test2.dll,InstallHook
You'll get immediate exception errors if you call HookProc from RUNDLL32!...
What port are you telling SEQ to listen on?
Maggotboy
So far, the most frequent problems in the V1 and V2 code have been:
RUNDLL32 doesn't unload. Supposedly solved in V1.4 and V2.05
EQ crashes right after a keypress. Unresolved, make sure you're...
There's nearly 300 posts on the V1 and V2 code, so sifting through it all is both tiring and annoying ... thus I'm breaking out the most frequent problems into new threads. One for compile problems,...
It's too confusing to sort through the 200+ posts trying to figure out if your crash matches someone else's, so I thought I'd start a new thread for those people who're crashing in an attempt to...
fooo -- hehe, aye... I'm an independent software developer, and for what I do, its worth the 2k/yr to have the Universal subscription.
However, you don't need it to download the platform sdk. ...
Mongo222 - which issue ... the LCC compiling issue, the not sending SEQ a key issue or the crash on keypress issue?
LCC: I've never used it, and since other people are, I would rather leave this...
Not at all, Sodom. To hook into explorer.exe you use the same SetWindowsHookEx() method that I used to hook into the EQ game in my previos sniffer techniques.
You set the hook globally, which...
Variety is the spice of life, and the more sniffers there are, and the broader the techniques, the better off we'll all be.
Using the demo code from the Microsoft Platform SDK, I'm working on a...
cmore -- make sure the eqsniffer2.cpp file is the only .c or .cpp file in the project. The linker is telling you more than one DllMain is declared somewhere, which means you probably forgot to take...
Revved the code to 1.4 to fix a bug in my call to GetTempFileName() which is more than likely (I am sure) causing the RUNDLL32 not unloading problem.
Maggotboy
Maggotboy gets a RTSM (Read The Stinking Manual for those of us who don't swear) for this blunder with the event handle ...
Thanks to Raelik and a quick look at GetTempFileName, I'm not supposed...
Ok, that's enlightening, Raelik!
Creating event handle "" -- this means the name didn't take for some reason. I call GetTempFileName(), perhaps this function is failing somehow.
This would...
Unfortunately, I have limited environments from which to test here ... I would love to solve the unhooking problem first. I'm sure its related to some of the crashes people have been seeing, and...