Delphi Winsock Hooking Example by Aphex[2]

sp; DataBuffer[0] := chr(10);  //changing first byte
    DataBuffer[1] := chr(20);  //changing second byte
    DataBuffer[2] := chr(30);  //changing thrid byte
    //using the data as a pointer to other data sizes
    word(pointer(DataBuffer)^) := 10; //changing first 2 bytes
    dword(pointer(integer(DataBuffer) + 2)^) := 20; //changing next 4 bytes
    word(pointer(integer(DataBuffer) + 6)^) := 30; //changing next 2 bytes
    //overwrite the original data with our new data
    CopyMemory(@Buf, DataBuffer, Result);
  finally
    FreeMem(DataBuffer);
  end;
  //convert data to readable ascii suitable for logging
  AsciiBuffer := ConvertDataToAscii(@Buf, Result);
  //convert data to readable hex suitable for logging
  HexBuffer := ConvertDataToHex(@Buf, Result);
  //call the real winsock function
  Result := sendNextHook(s, Buf, len, flags);
end;

procedure EntryPoint(Reason: dword); stdcall;
var
  lpFileName: array [0..MAX_PATH - 1] of char;
  StartInfo: TStartupInfo;
  ProcInfo: TProcessInformation;
begin
  if Reason = DLL_PROCESS_ATTACH then
  begin
    //check if we are injected inside the target
    if lstrcmpi(pchar(Copy(ParamStr(0), Length(ParamStr(0)) - Length(szTargetExe) + 1, Length(szTargetExe))), pchar(szTargetExe)) = 0 then
    begin
      //if we are then we hook the needed functions
      DataSocket := 0;
      HookCode(@send, @sendHookProc, @sendNextHook);
      HookCode(@recv, @recvHookProc, @recvNextHook);
    end
    else
    begin
      //if not then load the target and inject ourself
      GetModuleFileName(hInstance, @lpFileName, MAX_PATH);
      ZeroMemory(@StartInfo, SizeOf(TStartupInfo));
      ZeroMemory(@ProcInfo, SizeOf(TProcessInformation));
      StartInfo.dwFlags := STARTF_USESHOWWINDOW;
      StartInfo.wShowWindow := SW_SHOW;
      CreateProcess(PChar(ExtractFilePath(lpFileName) + szTargetExe), nil, nil, nil, False, 0, nil, nil, StartInfo, ProcInfo);
      Sleep(3000);
      InjectLibrary(ProcInfo.hProcess, lpFileName);
    end;
  end;
end;

begin
  DLLProc := @EntryPoint;
  EntryPoint(DLL_PROCESS_ATTACH);
end.