I have an OCX without documentation and need to use it.
I've figured out most of the stuff, but, is it possible to monitor all the calls and arguments made by one software to that OCX?
I've tried ProcessMonitor, APIMonitor and none of them give me that information.
I haven't tried it myself, but WinApiOverride seems to support COM object calls monitoring:
http://jacquelin.potier.free.fr/winapioverride32/doc/com.htm
This is a pretty advanced tool, however, and you'll likely have to spend some time adding rules for your specific COM classes.
Related
I have an old set of DLLs developed in late 90s with Visual C++ of that time and an application which uses them. Is there any way to know what functions (and their signatures, e.g. arguments and value types) are called from these DLLs.
There's a more general question. Is there a way to monitor all DLL calls which are made by any process in the system?
The only precise way to see what functions are used from a DLL is to debug the application that use the DLL and inspect the stack before each call.
If you want something more generic you can log every LoadLibrary and GetProcAddres API call but it is a daunting task.
You can also run an API monitor software like this one from Rohitab: APImonitor
I wrote an application in a JS-based framework called Titanium. This framework doesn't have some functions, so I'm bundling autohotkeys, and using STDIN/STDOUT to connect the two. Autohotkeys has a cool function DllCall which allows to interconect with the operating system and should help me close the gap between the JS-based framework and the missing functionality.
To give you an example, Titanium allows me to bind to a specific port. But if I bind to 0 and let the OS pick a free port (as it should), it will work, but there's no way to tell which port it actually bound to.
Now since I come from web applications, DLLs are new to me; so I have a few questions:
Is there like a big doc with all the DLLs and all their methods?
How do I know if some methods are dependent on some services? I mean I've heard some rely on RPCs, COM, COM+, WMIs, etc. which a user can turn off and if it does, these methods won't work. Is there also a place where I can get more info on this?
Are there any off-the-shelf DLLs, with their methods, which I can trust that they will work 100% from XP up to 7?
Are there any access permissions I should know about? Are they documented.
If you also come from web programming, is there anything else I should be aware about?
Thank you very much.
You can find a (mostly) complete documentation of all Windows API functions (which reside in DLLs) either online on MSDN or offline using the documentation from the Windows SDK.
For example look at the documentation for SHGetSpecialFolderPath. There you can find various information, like the DLL (shell32.dll), any prerequisites (min. IE 4) and the platform availablity. (min. Windows 2000) Also security considerations are documented.
All API functions are documented more or less in this manner. A good starting point is the Windows Developer Reference. From there you can browse through the many API functions.
Basically the answer to every question is that you should search MSDN for the functions or APIs you are interested in and read the documentation there:
http://msdn.microsoft.com/en-us/library/ms123401.aspx
They document which operating systems the functions are available in so it should be easy to write something that works in Windows XP and up.
Through COM, one can potentially gain absolute control over a target system. For example: using javascript's ActiveXObject object in IE, one can create certain objects which were designed to have direct access or interaction with system properties and files. One would think common sense dictates users disable ActiveX features in IE immediately after installing the browser to ensure their system is protected while surfing the net, or at least paying close attention to which websites they permit. But, I doubt many average PC users know how or why to do this, or just get tired of mirco-managing it over time. I think any PC user or admin my COM class caters to would greatly appreciate not having to deal with that. Thankfully it looks like IE versions come packaged with ActiveX disabled by default nowadays.
I've built a very versatile COM class library in VB. I didn't intend for it to be callable from any website, but that feature is just part of the COM platform. I'd like to prevent the library from being called from IE unless the website is on a white-listed domain to proactively protect the user (and ultimately their entire intranet) from harm from malicious websites. What would be the best method in VB.Net to tell which application called my DLL, to be able to tell if it was called from any command or process originating from IE? And, what domain called my dll?
Edit: I believe this might be a duplicate. See: Calling Assembly to get Application Name VB.NET
System.Environment.GetCommandLineArgs()(0) gets me the calling application path. With this info, I can compare it to a black/white-list of applications. Problem solved for now.
Don't mark the control as Safe for Scripting.
Default security settings will not allow such controls to be scripted.
Self-answer, and possibly duplicate, I suppose. See System.Environment.GetCommandLineArgs()(0) from Calling Assembly to get Application Name VB.NET
In this case, the class never was marked as safe for scripting and the intent was already never to mark it safe. The issue was how to obtain the calling application info so I could add additional security measures in case those which the calling application had were not enough.
When I try to compile my VSTO Outlook addin, I get this error:
Reference to class 'RibbonBase' is not
allowed when its assembly is linked
using No-PIA mode
Can't seam to find a solution to it online.
Any idea?
Thanks!
Mojo
Certain COM libraries, including this one, do not support No-PIA mode.
Change Embed Interop Type to false in the properties of the reference.
I can't swear that what I'm about to offer would fix the RibbonBase issue, but I received exactly the same error message with respect to a class I was trying to use in Access, and found myself reading this question & answer, so I'd like to offer my solution as I suspect strongly that it might also fix the RibbonBase problem.
The issue is one of referencing a CLASS rather than an Interface. If you search for "is not allowed when its assembly is linked using No-PIA mode" in http://msdn.microsoft.com/en-us/library/h8c469ey.aspx, you can see where I get this from.
It kind-of makes sense - I can see that making the interfaces available gives a better object design (by separating interface from implementation) and would also reduce the meta-data required.
In Access, I was trying to reference ControlClass, and when I switched to using just "Control" (it's interface) then all worked fine for me.
From what I've read, I believe that SLaks solution, while it will undoubtedly work, it will require the Interop assemblies to be instelled on the machine that the solution is deployed on, where as switching to an interface (if possible) then allows you to deploy without the Interop assemblies. For me, that makes my suggestion more attractive, if it could be applied in the case of "RibbonBase".
Since HTA applications are hosted within MSHTA.exe how does one provide a manifest? Plus I assume providing a MSHTA.exe.manifest could potentially break other HTA apps?
On Vista+, MSHTA.exe has an embedded manifest, which takes priority over external manifests, so your suggestion is not an option.
On XP/2003, yes, your suggestion would work, although it would be bad form, as is dropping files in System32 to modify the behavior of a system binary (especially make sure that any registration you put in the manifest are objects you are the only one to care about).
The proper solution, available on Win2003 and above, is to use the Microsoft.Windows.ActCtx object to instantiate your object given an explicit manifest reference.
For example:
var actCtx = WScript.CreateObject("Microsoft.Windows.ActCtx");
actCtx.Manifest = "myregfree.manifest";
var obj = actCtx.CreateObject("MyObj");
Perhaps, if this must work on XP as well, a path you may take is a combination of both solutions.
Edit: My answer is wrong, but I'll leave it here to avoid any similar wrong answers :)
If you question is can you access a COM object without registering it on the machine, then I think the answer is a tentative yes. However the work you would need to do would be substantial and would mean implementing a lot of the low level code that most development tools provide for you as a matter of course (Delphi, .NET, JAVA). You would need to interface with the dll directly (like you would a normal dll ), query its interfaces and call your methods.
If you have C, C++ knowledge, the way COM is accessed from these languages would give you some pointers.
Sorry I cant be of any more help.