Harysulf

Autoit with Deviare engine

17 posts in this topic

Please help. Guys, I try to work with the Deviare engine (http://www.nektra.com/products/deviare-api-hook-windows/). This work on COM interface. The official website offers many examples, but there is no one to autoit. Can anybody. Can anyone give an example here. For exp this code from Deviare blogs
 

DeviareTools.IProcesses procs = _mgr.get_Processes(0);
DeviareTools.IProcess proc = procs.get_Item("msnmsgr.exe");
DeviareTools.IPEModuleInfo mod = proc.Modules.get_ModuleByName("ws2_32.dll");
DeviareTools.IExportedFunction fnc = mod.Functions.get_ItemByName("send");
hook = mgr.CreateHook(fnc);
hook.Attach(proc);
hook.OnFunctionCalled += new Deviare.DHookEvents_OnFunctionCalledEventHandler(hook_OnFunctionCalled);
hook.Properties = (int)DeviareCommonLib.HookFlags._call_before;
hook.Hook();
void hook_OnFunctionCalled(DeviareTools.Process proc,DeviareParams.ICallInfo callInfo, Deviare.IRemoteCall rCall)
{
    DeviareParams.IParams pms = callInfo.Params;
    DeviareParams.IEnumParams enm = pms.Enumerator;
    DeviareParams.IParam pm = enm.First;
    pm = enm.Next;
    object[] args = new object[1];
    string msg = "Transmition -> ";
    msg += pm.Value;
    msg += "rn";
    args[0] = msg;
    txtOutput.Invoke(new AppendHandler(Append), args);
}

Can anybody translate it, for autoit? 

Share this post


Link to post
Share on other sites



Welcome to Autoit and the forum!

How do you start up or connect to the Deviare Tools with - lets say - Visual Basic?


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Yes, i mean how i connect to the Deviare Tools, using autoit functions

Share this post


Link to post
Share on other sites

Please have a look at function ObjCreate and ObjGet.
Example how to connect to Excel (either a running instance or create a new one):

$oExcel = ObjGet("", "Excel.Application") ; Connect to an already running instance of Excel
If @error Then ; There wase no running instance. Create a new one
    $oExcel = ObjCreate("Excel.Application")
    If @error Or Not IsObj($oExcel) Then Return SetError(1, @error, 0)
EndIf

 


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Of these functions, I know, but how can I use them with Deviare.
for example, the code code below, take from off. forum

Local $pid = WinGetProcess ( some pid )
Local $oSpyMgr = ObjCreate ( "DeviareCOM.nKtSpyMgr" )
$oSpyMgr.Initialize
Local $oNktProcess = $oSpyMgr.ProcessFromPID ( $pid ); result oNktProcess is nktprocess object
Local $oHook = $oSpyMgr.CreateHook ( "ws2_32.dll!send", 0 ) ;result oHook is nkthook object
$oHook.Attach ( $oNktProcess, True )
$oHook.Hook ( True )

but now, how i can recieve the hooket function events and how to control the function

Share this post


Link to post
Share on other sites

To handle events you need to have a look at function ObjEvent.
Here is an example taken from the Outlook UDF:

#include <OutlookEX.au3>

; *****************************************************************************
; Example Script
; Handle Outlook NewmailEX event when a new mail arrives.
; This script loops until Shift-Alt-E is pressed to exit.
; *****************************************************************************
HotKeySet("+!e", "_Exit") ;Shift-Alt-E to Exit the script
MsgBox(64, "OutlookEX UDF Example Script", "Hotkey to exit the script: 'Shift-Alt-E'!")

Global $oOApp = ObjCreate("Outlook.Application")
Global $test = ObjEvent($oOApp, "oOApp_")

While 1
    Sleep(10)
WEnd

; Outlook 2007 - NewMailEx event - http://msdn.microsoft.com/en-us/library/bb147646%28v=office.12%29.aspx
Func oOApp_NewMailEx($sOL_EntryId)

    Local $oOL_Item = $oOApp.Session.GetItemFromID($sOL_EntryId, Default)
    MsgBox(64, "OutlookEX UDF Example Script", "New mail has arrived!" & @CRLF & @CRLF & _
            "From:    " & $oOL_Item.SenderName & @CRLF & _
            "Subject: " & $oOL_Item.Subject)

EndFunc   ;==>oOApp_NewMailEx

Func _Exit()
    Exit
EndFunc   ;==>_Exit

Note the naming of the function ("oOApp_" plus the event name) and the While loop!


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

I will say easier. I would like to see an example, specifically implemented Hooks.
I'm trying to do something like a network
If possible, provide a ready example of the hook,  lets say, on the recv function. Thanks for you answers.

Share this post


Link to post
Share on other sites

something like a network filter*

Share this post


Link to post
Share on other sites

I have not installed or ever used the Deviare engine.
When you search the forum you will find a few examples how to use it with AutoIt.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

I think that would be nice.
And that would not have any questions about the integration of deviare, tell us how to connect the engine, specifically for use in AutoIt. Do dll registration Enough? (DeviareCOM.dll, DeviareCOM64.dll and no more?!).

Share this post


Link to post
Share on other sites
21 hours ago, junkew said:

Yes, it would be a nice feature if next autoit version has deviare integrated.

Anyway here an example 

 

and please explain, what means this in your example

;Hook.hook(True)
$hResult=$Hook.Hook($my_variant_True)
;!!!!!!!!!!!!!!!!!!!! HERE IT BREAKS !!!!!!!!!!!!!!!!!!!!!!!!!

;~ $hResult=$Hook.Attach($myProcess,$my_variant_True)
consolewrite("HResult: " & $hResult & @CRLF)
;!!!!!!!!!!!!!!!!!!!! HERE IT BREAKS !!!!!!!!!!!!!!!!!!!!!!!!!

 

Share this post


Link to post
Share on other sites

Did you run the example then you would know what it means. The example shows you how it works and yes I probably registered it with regsvr32 which is described in deviare help docs. I am not using it nowadays but deviare has a lot of power to hook into windows api.

Share this post


Link to post
Share on other sites

I run example and have this error "The requested action with this object has failed".  And in fact, little understood. Can someone briefly and clearly, an example of how to work with this, certainly a useful thing, step by step.

Share this post


Link to post
Share on other sites

#15 ·  Posted

I also had need to do this to automate a 3D Laser Scanner. The example given was a good starting point, but did not work for me. I thought I should share what I finally did get to work, since there is very little information I could find on this topic with google.

#include <MsgBoxConstants.au3>

$comObject = ObjCreate("DeviareCOM.NktSpyMgr")   ; Create an COM object to access the Deviare interface
$comObject.Initialize
$eventObject=ObjEvent($comObject,"Deviare2_","DNktSpyMgrEvents")  ; events from comObject are now passed to eventObject

While 1
    Sleep(100)
WEnd

Volatile Func Deviare2_OnProcessStarted($process)
; for reference on the proc object: http://www.nektra.com/products/deviare-api-hook-windows/doc-v2/interface_i_nkt_process.html
  if ($process.Name == "notepad.exe") then
    $hook = $comObject.CreateHook("kernel32.dll!CreateFileW", 0)
    $hook.Attach($process, True)
    $hook.Hook()
    MsgBox($MB_SYSTEMMODAL, $process.name, "Target Process started and hooked", 10)
  EndIf
EndFunc

Volatile Func Deviare2_OnFunctionCalled($hook, $process, $callInfo)

EndFunc

Volatile Func Deviare2_OnCreateProcessCall($process, $pid, $mainThreadId, $is64BitProcess, $canHookNow)

EndFunc

Volatile Func Deviare2_OnCustomDllLoad( $process, $actionId, $actionResult)

EndFunc

Volatile Func Deviare2_OnCustomDllUnLoad( $process, $actionId, $actionResult)

EndFunc

Volatile Func Deviare2_OnCustomApiCall( $process, $actionId, $actionResult, $apiResult)

EndFunc

Volatile Func Deviare2_OnHookStateChanged( $Hook, $process, $actionId, $newState, $oldState)

EndFunc

Volatile Func Deviare2_OnLoadLibraryCall(  $process, $dllName, $moduleHandle)

EndFunc

Volatile Func Deviare2_OnFreeLibraryCall(  $process, $moduleHandle)

EndFunc

Volatile Func Deviare2_OnProcessTerminated(  $process)

EndFunc

Volatile Func Deviare2_OnAgentLoad(  $process, $errorCode)

EndFunc

Volatile Func Deviare2_OnAgentUnload(  $process)

EndFunc

Volatile Func Deviare2_OnCustomMessage(  $process, $msgCode, $msgParam, $retVal)

EndFunc

Volatile Func Deviare2_OnHookOverwritten(  $Hook, $process)

EndFunc

I did put up some more information here: https://sites.google.com/site/janbeck/interception-of-win32-and-user-dll-api-calls-using-autoit-and-deviare

One thing of note is that the version of Windows OS should not really matter here, but I found that the API hooking functioned fine on Win8 x64 and Win7 x64/x32 systems but would not function on two tested WinXP x32 systems. At least when running using F5. After compiling the script into an executable, it worked fine...

 

Hope this helps somebody.

 

2 people like this

Share this post


Link to post
Share on other sites

#16 ·  Posted

JanBBeck, This is very, very interesting code. And a very nice description and documentation on your website of how to use the Deviare APIs in AutoIt.

The example with the 3D Laser Scanner shows how to perform automations with AutoIt and Deviare software in a way that you would not even have dreamed of.

You should add the description and example code in the post above to the Examples forum. After some time it'll be much easier to find in this forum. Sooner or later there will certainly be a need for this example.

Thank you for posting such a nice example.

Five stars from me (on a scale from 1 - 5).

Regards Lars.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now