Home » Extra libraries, Code snippets, applications etc. » Applications created with U++ » Tracer
Tracer [message #21881] |
Tue, 09 June 2009 10:26 |
gridem
Messages: 45 Registered: August 2008
|
Member |
|
|
I am glad to introduce the program 'tracer'.
The application catches the started program calls to kernel32.dll on Windows 32 bit platform. This application tested on the following platforms: Windows XP 32 bit, Windows 2003 Server 2003 x64, Windows Vista x32, Windows 7 Beta x32. Now it works for only 32 bit programs.
The program was written using, of course, U++ and some private engines. I think that this program will be useful for developers on Windows platforms.
Download link
[Updated on: Sun, 12 July 2009 09:28] Report message to a moderator
|
|
|
Re: Tracer [message #21889 is a reply to message #21881] |
Tue, 09 June 2009 13:53 |
Novo
Messages: 1358 Registered: December 2006
|
Ultimate Contributor |
|
|
c:\local\work\download\1>trace dir.exe
Begin
Listen was started
EERRRORR: OTR in listen: Nheo sy sprocesstem cannot find t hei sfile speci fied.
o
n the other end of the pipe.
Regards,
Novo
|
|
|
Re: Tracer [message #21896 is a reply to message #21881] |
Tue, 09 June 2009 16:33 |
gridem
Messages: 45 Registered: August 2008
|
Member |
|
|
Some comments how to start the program.
1. Execute 'trace.exe':
E:\Tracer>trace.exe
Please, find 'input.xml' file and edit it
2. Edit file 'input.xml', e.g.:
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!DOCTYPE input>
<input>
<hooks>
<item>CloseHandle</item>
<item>CreateThread</item>
<item>LoadLibraryExW</item>
</hooks>
<exepath>c:\windows\notepad.exe</exepath>
<exeargs></exeargs>
</input>
3. Execute 'trace.exe' again, see the result like:
E:\Tracer>trace.exe
Begin
Listen was started
Process is created
DLL was injected
Detached cave memory
Resumed process
Waiting for program ending...
Pipe was connected
The pipe has been ended.
Listen completed successfully
Program was finished successfully
|
|
|
Goto Forum:
Current Time: Fri Mar 29 08:54:13 CET 2024
Total time taken to generate the page: 0.01072 seconds
|