Access Objects of a Process

[jerebenz]

Hello Everyone,

Here am I again asking questions !

I'm working an a script at my work. We're using an old home made application (no more dev on it), and I want to control it (add some stuff).

I tried to look in the OLEView.exe to see if there was a COM Interface that I can use, but I found nothing.

After that, I tried to open the program ".exe" with dllexp and found something !

There is function called MadTraceProcess in the exe file.

So I googled it, and found it was a kind of tracking software. Guess the application was designed with it inside. I then found madtraceprocess.exe, and I'm able to track the exe ! a kind of dump.

The software is called Desktop.exe

Here is an exemple of what I have in the madtraceprocess :

thread $1ec8 (TScriptEngine): <suspended>

7c90eb94 +00 ntdll.dll KiFastSystemCallRet

7c90e859 +0a ntdll.dll NtSuspendThread

7c83973e +0c kernel32.dll SuspendThread

004544a9 +31 Desktop.exe Classes TThread.Suspend

0062635a +f6 Desktop.exe Scripting 441 +27 TScriptEngine.Execute

0043090a +16 Desktop.exe madExcept HookedTThreadExecute

0045409c +34 Desktop.exe Classes ThreadProc

004055b8 +28 Desktop.exe System ThreadWrapper

0043083d +0d Desktop.exe madExcept CallThreadProc

0043087f +37 Desktop.exe madExcept ThreadExceptFrame

>> created by main thread ($1e10) at:

00624b76 +36 Desktop.exe Scripting 149 +1 TScriptEngine.Create

So I'm sure the software is using some objects, and I want to be able to use them.

I searched for hours on the forum, found the Autoit Object UDF, a project for MSAA, some WindowFromAccessibleObject references, but I have no idea if it can help me with what I want to acheve.

If there is a ProgAndy, or a trancexx, or a Authenticity, or even a monoceres (and so on..) hanging around, please tell me "You can do it !"

See you later !

Jerebenz

[exodius]

I hate to be the bearer of bad news, but "We're using an old home made application (no more dev on it)" pretty well sells me on the notion that you're probably outta luck for two reasons:

1. "old home made application" = The program probably doesn't have a COM Object system you can access, because the only reason programs have one is the developers went to the effort to include one...

2. "old home made application" = (I know, same as the first reason, but for a different reason) Even if they did include a COM Object system for you, the fact that it's an old home made application means that there's not going to be any documentation on the internet of it, so if there's no documentation anywhere at your workplace on it, it'd be all but impossible to divine it at this point (post-compilation).

[jerebenz]

Thanks for your reply.

There's still something that I don't understand (along with a bunch of other things ) :

If the home made app would have a COM Interface - would it have to be visible in the OLEView.exe, or is it possible that it could not be found in OLEView.exe, even if it existed ?