Hi all winsock programmers,

I've coded a little utility, mainly for myself, to follow all send & recv calls in your winsock programs. It will open your program as debugger and hooks several winsock APIs (both old winsock & winsock 2).

It will show a tablist with all the sockets your program created and allow you to display what data has been send and received on each socket (well at most the last 4KB of data, as it uses an internal buffer of 4KB).

It is intended for use with applications that use a text-based protocol like HTTP/FTP etc., but binary data will not do any harm (it doesn't look well though :) ).

I will release the code when I cleaned it (not asm (sorry :) ), but plain C so should be easy to convert if you want to use pieces of it).


edit: fixed a bug in the 'close all' rightclick menu, if you downloaded please download again.

edit2: You will need win2000 or higher to run this, win9x is not supported...
Posted on 2002-03-07 14:30:31 by Thomas
Is there any possibility to convert it to win9x (without to many effort)?

I ask because I use Win98 and don't know anything about the programming differences between Win2000 and Win9x.
Posted on 2002-03-07 18:19:47 by TCT
Is there any possibility to convert it to win9x


(without to many effort)?

No :)

There is not much difference between *programming* in win9x or win2k (of course the OS is totally different), but win9x lacks some functions that made it quite easy to make API hooks. For example, there is no VirtuallAllocEx and no OpenThread in win9x.

Without these functions I would need to rewrite the whole thing for win9x, using a shared DLL or something instead. I don't have time for this right now.. maybe someday but not soon.

If you want to convert it feel free to do so... I will release the source soon.

Posted on 2002-03-08 02:58:13 by Thomas
Doesn't matter.:D

But I think I have to learn *a bit* more before I can convert it.
Posted on 2002-03-08 04:36:44 by TCT
Very nice Thomas. Thanks for sharing it. I already know I can use it.
Posted on 2002-03-08 18:33:07 by rdaneel
Lovely piece of work, can't wait to see the source. What are the hex values in the tabs by the way? The socket handles?
Posted on 2002-04-06 12:17:42 by endeavour
Yes the hex values are the socket handles.. They can appear twice as the tabs aren't removed when the socket is closed (so you can view data even after it) and new sockets often have the same handles as old closed ones..
I'll put the source on my site soon.

Posted on 2002-04-06 13:57:04 by Thomas
The C source is available for download at my site now.

Posted on 2002-04-07 05:28:13 by Thomas
Exactly what I need ! :alright:

A lot of thx ! :grin:
Posted on 2002-04-07 05:50:25 by Djizeus
Thanks a lot, I'll take a look later.
Posted on 2002-04-07 06:33:34 by endeavour
Thomas, I cant download anything off your site because of that anti-leech script. You should get rid of it.
Posted on 2002-04-08 18:56:00 by Stan
If you are using Opera, try enabling the referrer logging. That should work.

Posted on 2002-04-09 04:07:35 by Thomas