IAT/EAT hooking "gethostbyname" - dll

I wrote this code to hook API functions by changing the address in the IAT and EAT: http://pastebin.com/7d9N1J2c
This works just fine when I want to hook "recv" or "connect". However, for some unknown reason, when trying to hook "gethostbyname", my hook function is never called.
I tried to find "gethostbyname" in a debugger by taking the base address of the wsock32.dll module + 0x375e, which is what the ordinal 52 of my wsock32.dll is showing as offset. But that just makes me end up in some random asm code, not at the beginning of a function.
The same method however works fine for trying to find the "recv" entry point.
Does anyone see what I might be doing wrong?

I recommend this tool:
http://www.moduleanalyzer.com/
They do exactly the same and show the URL that was connected with that API.
The problem is that there is more than one API to translate a URL to an address. The application you are hooking may be using another version of the API that you're not intercepting.

Run a disassembler like IDA and attach to your process after you hook these functions. IDA will apply the changes on attaching; then run the process and check what is wrong.
Alternatively, there are many libraries for hooking with trampolines, such as Microsoft Detours, NCodeHook, etc.
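When an export-table RVA does not land on a function prologue, one thing to check is whether the entry is a forwarder: in the PE format, an export RVA that falls inside the export directory itself points to a "module.function" string rather than to code. The following is an added example, not code from this thread; the in-memory image and the names do_io, lookup and otherlib are constructed for illustration.

```python
import struct

def parse_exports(image, exp_rva, exp_size):
    """Classify each named export as code or forwarder.

    `image` is a module laid out as mapped in memory (RVA == offset);
    exp_rva/exp_size come from the export entry of the PE data directory.
    """
    def cstr(rva):
        return image[rva:image.index(b"\0", rva)].decode("ascii")

    # IMAGE_EXPORT_DIRECTORY fields from offset 16: Base, NumberOfFunctions,
    # NumberOfNames, AddressOfFunctions, AddressOfNames, AddressOfNameOrdinals
    base, _n_funcs, n_names, funcs, names, ords = struct.unpack_from(
        "<6I", image, exp_rva + 16)
    out = {}
    for i in range(n_names):
        name_rva, = struct.unpack_from("<I", image, names + 4 * i)
        index, = struct.unpack_from("<H", image, ords + 2 * i)
        rva, = struct.unpack_from("<I", image, funcs + 4 * index)
        # An RVA inside the export directory is a forwarder string, not code.
        if exp_rva <= rva < exp_rva + exp_size:
            out[cstr(name_rva)] = (base + index, "forwarder", cstr(rva))
        else:
            out[cstr(name_rva)] = (base + index, "code", rva)
    return out

def build_sample():
    """Constructed image: 'do_io' is real code, 'lookup' is forwarded."""
    exp = 0x2000
    image = bytearray(0x3000)
    funcs, names, ords, pos = exp + 40, exp + 48, exp + 56, exp + 60
    offs = []
    for blob in (b"do_io\0", b"lookup\0", b"otherlib.lookup\0"):
        image[pos:pos + len(blob)] = blob
        offs.append(pos)
        pos += len(blob)
    struct.pack_into("<IIHHI6I", image, exp,
                     0, 0, 0, 0, 0, 1, 2, 2, funcs, names, ords)
    struct.pack_into("<2I", image, funcs, 0x1000, offs[2])  # code, forwarder
    struct.pack_into("<2I", image, names, offs[0], offs[1])
    struct.pack_into("<2H", image, ords, 0, 1)
    return bytes(image), exp, pos - exp

if __name__ == "__main__":
    for name, info in parse_exports(*build_sample()).items():
        print(name, info)
```

For a forwarder entry, the address callers actually receive belongs to the export of the module named in the string, so that is the entry to inspect.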

Related

Can someone clarify iOS Safari Service Worker Support

Looking at the MDN documentation, iOS/Safari fully supports ServiceWorkerGlobalScope.onfetch, but when you look at the FetchEvent specification it says it is not supported at all by Safari.
In particular, I would like to store some state for each client and was hoping to use the fetchEvent.clientId property of the event to index it. Of course I presume I also have access to the fetchEvent.request object, otherwise I can't see how a service worker can do anything useful, and I could simulate clientId from a passed-in parameter in the URL. But the docs don't really tell me what iOS/Safari supports and doesn't, so I don't know which way to go.
Can someone please tell me precisely what iOS/Safari passes when it calls the defined onfetch function?
I found the answer to my question by using https://jakearchibald.github.io/isserviceworkerready/demos/fetchevent/, connecting my iPad to my MacBook and debugging my iPad. I was eventually able to open the web inspector for the service worker for that page, and the console.log showed the event passed in.
FetchEvent.clientId is present but a zero-length string. As it happens I did the same thing on my (Linux) desktop using Chrome and it's also a zero-length string, BUT it has another parameter, resultingClientId, with what looks like a UUID in it. That parameter is not there in Safari.
The FetchEvent.request is there, and in particular the URL. So I can generate my own client id in the client (I am using Date.now().toString() as that is good enough for my purposes) for use in the service worker. In fact my site without a service worker was using the in the URLs I need to intercept already, so I am happy that I have a solution.

Express-browserify and Watson Visual Recognition - TypeError: fs.existsSync is not a function

I'm trying to get the Watson Visual Recognition to run client side by using express-browserify with reference to the node-sdk for watson-developer-cloud. The VisualRecognitionV3 makes use of the fs package hence I get the fs.existsSync error when I'm trying to call it from the client-side as the browser doesn't know which filesystem to use. My question is how do I go about creating a so called 'abstraction layer' as I am restricted to using the express-browserify package for cross origin calls.
This thread is pretty helpful in shedding some light but I'm not sure where to start regarding the 'abstraction layer' or if there are any other solutions. Also, would something like socket.io work for this? I've linked a clone of the directory here as it seems less clunky than pasting the multiple portions below.
The repository can be cloned and just requires a personal iam_apikey with relevant launch configuration. Appreciate any pointers. Thanks!
I didn't manage to sort this out with express-browserify due to the require(fs) from browser issue, but I was able to get it running using the express-ws package.

How do I make the remote call actually remote?

How do I make an actual remote call?
I've followed the guide: https://codelabs.developers.google.com/codelabs/webrtc-web/#4
And gotten their example fully integrated in my application (Angular, TypeScript, multi webcam, etc.).
How do I make the remote call actually remote? - I get the idea of a signalling server, but maybe someone can show with basic strings?
I found this, but it's not been updated in a while so I'm not sure what's still valid:
Found some nice sequence diagrams https://webrtc.org/native-code/native-apis/
Setup call
(source: webrtc.org)
Receive a Call
(source: webrtc.org)
Close Down a Call
(source: webrtc.org)

How do I see the contract log events in Ethereum?

I finished the https://www.ethereum.org/crowdsale tutorial in Ethereum and intentionally left the crowdsale having failed its funding goal (sample code at the start of the page). I fired the "safeWithdrawal" function from within Ethereum-Wallet and it adds the transaction on to the blockchain. But at this point I do not know how to listen to the response. The ether I sent was not returned.
I would like the ether to be returned.
I would like to know how to listen to the event that should have fired. Or any feedback mechanism to know why / how the event fired.
Screenshot: http://i.stack.imgur.com/2lsVo.png
Currently, the Ethereum-Wallet has no debugger built-in for smart contracts.
I suggest you code up your example using browser-solidity. It allows you not only to code and test the deployment, but most recently it also got a debugger built in. Click the little bug.
The debugger used in browser-solidity is Remix, which is both a JavaScript IDE and a library which can be attached to your own JavaScript projects. It is possible that future releases of Ethereum-Wallet will also include Remix; this would simplify your task pretty much.
But for now, the mentioned browser tool seems perfectly suited for your needs.

noflo-ui: Load and save projects/graphs/components from external database or api

I'm trying to create a custom build of noflo-ui that is effectively only a graph editor. Don't need it to connect to any runtimes.
I'm struggling to find where I can inject this code as it appears part of noflo-ui is written in noflo itself and I cannot find the scripts for those pieces.
For example, in graphs/main.fbp, there is this line:
'user,main,project,github,runtime,context' -> ROUTES Dispatch
Three questions on this:
Where is the source behind the Dispatch component?
If I add my own interface elements to Load data from an external api, where would be the best place to inject that data?
I see a lot of event-driven code, so I'm guessing I would add a new Polymer element, do my AJAX call, then emit or fire something. I believe this is what happens when connecting to a noflo-nodejs runtime; I've traced the connection to line 51312 in a built noflo-ui.js:
    return port.send({
      componentDefinition: definition
    });
... but I can't figure out where it goes past here. A port on the main.fbp graph? As per my 1st question, I cannot find the source behind these core graphs.
And this leads to my last question
The code I pasted above from noflo-ui, I cannot find this code anywhere pre-build. I even searched the entire project tree for "componentDefinition: definition". Where is this coming from?
Any pointers on this would be greatly appreciated! Thanks
The FBP runtime protocol is the primary extension point of noflo-ui. You can implement a "runtime" which just provides components and graphs (for instance from a database), without a way to run these.
A network:persist message to let the UI indicate that "this is a good point to save the graphs" has been specced but is currently not implemented. For now you can just autosave latest state.