有没有办法在 Windows 中嗅探命名管道流量?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3486812/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Is there any way to sniff named pipe traffic in Windows?
提问by est
Is there any tool that can monitor/capture/sniff named pipe traffic?
有没有可以监控/捕获/嗅探命名管道流量的工具?
Even when max instance = 1?
即使最大实例= 1?
采纳答案by ivan_pozdeev
There's no official way.
官方没有办法。
Use API hooking. Hook ReadFile and/or WriteFile, maybe also CreateFileA/W (assuming that the app is a pipe client) and do the necessary things on their invocation.
使用API 挂钩。挂钩 ReadFile 和/或 WriteFile,也可能是 CreateFileA/W(假设应用程序是管道客户端)并在调用时执行必要的操作。
Microsoft has also its own library for API hooking - Detours.
微软也有自己的 API hooking 库——Detours。
