# $Id: hooks.py,v 1.3 2006/06/23 21:48:22 hochoa Exp $
# (c) 2006,  Core Security Technologies
# author: Hernan Ochoa (hochoa@corest.com)
#

import os
import win32api
import win32process
import win32event


hexeditor_bin = "C:\Program Files\BreakPoint Software\Hex Workshop 4.2\hworks32.exe"

def runHookHexEditor(buff_len, data):
	data_filename = "phdata.dat"
	f = open( data_filename, "wb")
	f.write( data )
	f.close()
	
	si = win32process.STARTUPINFO()
	# Set the position in the startup info.
	si.dwX = 0
	si.dwY = 0
	si.dwXSize = 0
	si.dwYSize = 0
	si.dwFlags = 0
	# And indicate which of the items are valid.
	# Rest of startup info is default, so we leave it alone.
	# Create the process.
	info = win32process.CreateProcess(
None, # AppName
		("%s %s" % (hexeditor_bin, data_filename)), # Command line
		None, # Process Security
		None, # ThreadSecurity
		0, # Inherit Handles?
		win32process.NORMAL_PRIORITY_CLASS,
		None, # New environment
		None, # Current directory
		si) # startup info.
	# Return the handle to the process.
	# Recall info is a tuple of (hProcess, hThread, processId, threadId)
	#return info[0]
	win32event.WaitForSingleObject( info[0], win32event.INFINITE )

	f = open(data_filename, "rb")
	newdata = f.read()
	f.close();
      
	os.unlink(data_filename)

	return (len(newdata), newdata) 

def hook_send_packet(hlen, hbuff):
	print "send_packet"
	print "len: %d" % hlen
	return runHookHexEditor(hlen, hbuff)

def hook_recv_packet(hlen, hbuff):
	print "recv_packet!"
	print "len: %d" % hlen
	return runHookHexEditor(hlen, hbuff)