Parsing HTTPSENDREQUESTEX'S LPINTERNET_BUFFERSA struct with Frida
This post is about how to read the LPINTERNET_BUFFERSA struct used by the Windows API HttpSendRequestExA. The background behind this post is answering an StackOverflow question but with a more detailed explanation. To perform this example, instead of writing an application I will use Internet Explorer and I will use FRIDA on it. That said, the definition of the struct used in HttpSendRequestExA/W is: typedef struct _INTERNET_BUFFERSA { DWORD dwStructSize; struct _INTERNET_BUFFERSA *Next; LPCSTR lpcszHeader; DWORD dwHeadersLength; DWORD dwHeadersTotal; LPVOID lpvBuffer; DWORD dwBufferLength; DWORD dwBufferTotal; DWORD dwOffsetLow; DWORD dwOffsetHigh; } INTERNET_BUFFERSA, *LPINTERNET_BUFFERSA; There are two things to note here, the first one is that the first mem