Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


Monitoring Internet downloads

 
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming
View previous topic :: View next topic  
Author Message
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada
PostPosted: Thu May 21, 2015 12:52 pm    Post subject: Monitoring Internet downloads Reply with quote
I was planning on building a primitive anti-virus for fun.

I wanted to know how I could go about monitoring all user downloads. I figured that if I hooked whatever references there were for URLDownloadToFile in the kernel I'd be making some progress.

I wanted to confirm if that was how you would go about doing it, otherwise, get an idea of where I should go.
Back to top
View user's profile Send private message MSN Messenger
aikoncwd
Grandmaster Cheater
Reputation: 23

Joined: 21 Dec 2012
Posts: 591
Location: Spain (Barcelona)
PostPosted: Thu May 21, 2015 1:11 pm    Post subject: Re: Monitoring Internet downloads Reply with quote
iPromise wrote:
I was planning on building a primitive anti-virus for fun.

I wanted to know how I could go about monitoring all user downloads. I figured that if I hooked whatever references there were for URLDownloadToFile in the kernel I'd be making some progress.

I wanted to confirm if that was how you would go about doing it, otherwise, get an idea of where I should go.


There are so many ways to download info from internet, URLDownloadToFile is one, but there exist infinite methods to do the same without calling that API (for example with object like XMLHttpRequest). The best way to monitor, filter and controll every traffic is developing a driver that can be attached on the NIC (thats how Kaspersky firewall works, for example):



Doing something like this permit controll every pack-et that flows on the NIC (ethernet or wlan), so filter pack-ets that contains a pattern to determine inbound data, file download, etc...

Godd luck! haha
_________________
Hey Hitler
Test here your skill with CheatEngine, I coded a challenge for you. Try to beat it!
HERE
Back to top
View user's profile Send private message
iPromise
Grandmaster Cheater
Reputation: -1

Joined: 27 Jun 2009
Posts: 529
Location: Canada
PostPosted: Thu May 21, 2015 1:42 pm    Post subject: Reply with quote
Do all of these functions have unique references in the kernel? I'm sure there's some common function that they both end up calling. I'll take a look into that.

That's the next best method I can think of other than monitoring every packet.
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    Cheat Engine Forum Index -> General programming All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

CE Wiki   IRC (#CEF)   Twitter
Third party websites