I need to create a program that monitors incoming packets to a certain process. Each incoming packet needs to be searched for a string of hex (e.g. FF 00 00 03) and modified to be null (e.g. 00 00 00 00). Or, if it's easier, to just completely block the packet from coming through.
I currently have a console app that monitors packets from the whole machine, in and out. But, I can't figure out how to read the whole packet, It's just reading the header info, any ideas? I'm using WinPcap to do this at the moment. I don't know if WinPcap can modify packets or search them though, I've only seen it used to filter packets by IP or protocol, not by the actual content itself. Does anyone know how to do this? If you need my source code please tell and I'll post it.
Submit an article or tip