EasyHook recv doesn't “hook” all packets

Question

I managed to write a semiworking EasyHook example that hooks recv function. I wrote a form, added a WebBrowser component, and started the application. The problem is, I get the

Answer 1

I wrote a tool dumping http using sharppcs in c#. It uses the winpcap-driver. I think it is more reliable tan apihooks.

HTTPSaver (with sources)
SharpPcap
Winpcap

Answer 2

Problem Solved. The line that created trouble was

CreateRecvHook.ThreadACL.SetExclusiveACL(new Int32[] { 0 });

I changed it to

CreateRecvHook.ThreadACL.SetInclusiveACL(new Int32[] { 0 });

and now everything works just fine. Thanks everybody :)

Answer 3

There are a lot of different functions used with sockets. Maybe the plugin is not using the function named recv. Off the top of my head I can think of recvfrom, recvmsg, WSARecv, WSARecvFrom, WSARecvMsg, ReadFile, ReadFileEx.

Then, the plugin could be doing requests with overlapped I/O (possibly complicated by completion routines or completion ports), in which case the data isn't stored during the e.g. ReadFile function call but at some later time. Hooking those would be considerably more challenging.