I need to create a program that monitors incoming packets to a certain process. Each incoming packet needs to be searched for a string of hex (e.g. "FF 00 00 03") and modified to be null (e.g. 00 00 00 00). Or, if it's easier, to just completely block the packet from coming through.

I currently have a console app that monitors packets from the whole machine, in and out. But I can't figure out how to read the whole packet; it's just reading the header info. Any ideas? I'm using WinPcap to do this at the moment. I don't know if WinPcap can modify packets or search them though; I've only seen it used to filter packets by IP or protocol, not by the actual content itself. Does anyone know how to do this? If you need my source code, please tell me and I'll post it.

I used Microsoft Detours to hook the send/recv functions of a process and run all data through my application before sending through the target process.
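
An added example, not code from either post: the search-and-null step that a hooked receive function, as described in the answer above, could run on each buffer it sees. The function names and sample bytes are assumptions constructed here; because TCP delivers a byte stream, the second function reports when a buffer ends partway through the pattern so the caller can hold those bytes back.

```c
#include <stdio.h>
#include <string.h>

/* Byte pattern from the question: FF 00 00 03 */
static const unsigned char PAT[] = {0xFF, 0x00, 0x00, 0x03};
#define PAT_LEN (sizeof PAT)

/* Zero every complete occurrence of PAT in buf; return how many were found. */
size_t scrub_pattern(unsigned char *buf, size_t len)
{
    size_t hits = 0, i = 0;
    while (len >= PAT_LEN && i <= len - PAT_LEN) {
        if (memcmp(buf + i, PAT, PAT_LEN) == 0) {
            memset(buf + i, 0, PAT_LEN);
            i += PAT_LEN;          /* skip past the bytes just cleared */
            hits++;
        } else {
            i++;
        }
    }
    return hits;
}

/* Length of the longest proper prefix of PAT that buf ends with. A non-zero
 * result means the pattern may continue in the next buffer, so the caller
 * should hold those trailing bytes back instead of passing them on. */
size_t pending_prefix(const unsigned char *buf, size_t len)
{
    size_t k = PAT_LEN - 1;
    if (k > len)
        k = len;
    for (; k > 0; k--)
        if (memcmp(buf + len - k, PAT, k) == 0)
            return k;
    return 0;
}

/* Constructed sample payloads (not captured traffic). */
unsigned char sample_full[]  = {0x01, 0xFF, 0x00, 0x00, 0x03,
                                0xFF, 0x00, 0x00, 0x03, 0x02};
unsigned char sample_split[] = {0x41, 0x42, 0xFF, 0x00}; /* pattern cut off by the read */

int main(void)
{
    printf("zeroed %zu, pending %zu\n",
           scrub_pattern(sample_full, sizeof sample_full),
           pending_prefix(sample_split, sizeof sample_split));
    return 0;
}
```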
