[Neeeeeeeeeel.-]

Arkshine hooked socket sendto on his bot played time faker... how could I do the same with socket recv? I tried but I couldn't.

[Neeeeeeeeeel.-]

I hooked recvfrom using sendto hook from Arkshine as a guide.

I looked at the params here http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx

Then I made my hook:

PHP Code:

size_t PASCAL OnNewRecv(int socket, void* message, size_t length, int flags, struct sockaddr* dest_addr, socklen_t dest_len){
    unsigned char* msg = (unsigned char*)malloc(length);
    char* ip = inet_ntoa(((struct sockaddr_in *)dest_addr)->sin_addr);
    memcpy(msg, message, length);
    size_t ret = 0;
    printf("%s:%d - %s\n", ip, ((struct sockaddr_in *)dest_addr)->sin_port, msg);
    if(RecvHook->Restore()){
        ret = RecvOriginal(socket, message, length, flags, dest_addr, dest_len);
        RecvHook->Patch();
    }
    return ret;
} 


The problem is that I cannot get the IP address properly.

I found that inet_ntoa returns IP address, but it needs IN_ADDR type param. So I casted sockaddr to sockaddr_in to get IN_ADDR value.

PHP Code:

char* ip = inet_ntoa(((struct sockaddr_in *)dest_addr)->sin_addr); 


BUUUUUT this was the result:


I'm testing on a dedicated server so I should see 127.0.0.1 as my address...
As you can see on getchallange packet, my ip seems to be 136.115.171.4 which is impossible...

I also tried sending a test packet with a simple python script...


So the packet arrived but my ip seems to be 0.0.0.0
Port is wrong too.

What am I doing wrong?

[K.K.Lv]

what do you want ?

[Neeeeeeeeeel.-]

Quote:

Originally Posted by K.K.Lv what do you want ?

I want to get my ip at recvfrom hook.

I tried the same code in sendto hook and it works like a charm so the fact that doesn't work in recvfrom is breaking my mind.

[Neeeeeeeeeel.-]

Update:

I have new info about my issue...

I changed the way I get IP address.

PHP Code:

char host[18];
char port[10];
getnameinfo(dest_addr, dest_len, host, sizeof(host), port, sizeof(port), NI_NUMERICHOST);
printf("IP: %s - Port: %s", host, port); 


Now I got:

Code:

IP: 0.0.0.0 - Port: 26002

Port is right...

Ok, if I delete NI_NUMERICHOST flag from getnameinfo I get "Nelson" as address. "Nelson" is my computer name so i'm assuming dest_addr in recvfrom is receiving my addresses as source.

http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx
Following msdn, I should have source public IP.... I don't know why I'm receiving my own local IP...

[joropito]

If you're behind nat device you can't

[Neeeeeeeeeel.-]

Quote:

Originally Posted by joropito If you're behind nat device you can't

So if I put my gameserver in the cloud would work, wouldn't it?

[joropito]

Yes, with poor performance.
Hooking recvfrom is not recommended for a game server

[K.K.Lv]

Did you want to do something like server query ? then you can this one with the mod function

Code:

#define FN_ConnectionlessPacket  ConnectionlessPacket  /* pfnConnectionlessPacket() (wd) SDK2 */ 

[joropito]

Quote:

Originally Posted by K.K.Lv Did you want to do something like server query ? then you can this one with the mod function Code: #define FN_ConnectionlessPacket  ConnectionlessPacket  /* pfnConnectionlessPacket() (wd) SDK2 */

That's only called if:

1- is not a HL game protocol packet
2- is not a "rcon" request packet
3- is not a "log" request packet
4- is not a "pstat" request packet
5- is not a "connect" request packet
6- is not a "challenge" request packet
7- is not a "getchallenge" request packet
8- is not a server query packet

Also it's handled after steamclient packet handling (authentication, voice processing, etc).

He only want to know the ip address where the game binds it's service.