14 Dec
2010
14 Dec
'10
2:15 a.m.
Attached is a patch to take kernel32/ntdll ReadFile and WriteFile requests on sockets and pass them to WSARecv and WSASend. This patch is part of a series I'm working on for the infamous C&C networking bug (Bug #7929). The functionality added by this patch was requested by a previous RFC response so that ReadFile and WriteFile requests will have all the same filtering as WSARecv and WSASend. Any and all feedback is greatly appreciated.
Erich Hoover ehoover@mines.edu