Sign in to follow this  
Followers 0
deales82

Hooking COM Interface?

6 posts in this topic

Hi All,

I am looking for a way to hook a function contained within an ocx file, I need the function parameters returned so I can search for a string. If it helps I can provide what I am looking for based on WinAPIOverride32 output.

Thanks in advance.

Share this post


Link to post
Share on other sites



Ok I have looked through the help files but still not quite clear on what I need to do, I have attached a screenshot of the function I am trying to hook. In summary what I am trying to do is this:

We have a document management system, when the user right clicks a file and selects view image the file is retrieved and opened up in an integrated viewer, what I would like to do is hook the function highlighted in the screenshot and fire an event whenever a file is opened returned the path to the file that was opened.

Thanks again.

post-36947-1213956463_thumb.gif

Share this post


Link to post
Share on other sites

Ok I guess nobody has any ideas yet?? I have done a lot of playing around but my main stumbling block at the moment is that I need to hook into an existing instance of the object, using GetActiveObject trouble is the ActiveX control I am trying to hook does not register itself in the running object table as it was coded in VB.

Any other way I can connect to an existing instance, can I possibly use _ieattach for the purpose?

Many Thanks

Share this post


Link to post
Share on other sites

Hi All,

I am looking for a way to hook a function contained within an ocx file, I need the function parameters returned so I can search for a string. If it helps I can provide what I am looking for based on WinAPIOverride32 output.

Thanks in advance.

Hi

If your ocx control support IDispatch, you should only need to click on "Enable COM Auto Hooking" in winapioverride32

and use the "Attach Application at Startup" to be sure object is hooked on creation (else once it is created you have to create COM monitoring file and load them manually)

Notice should not appear : If your object is still not seen (you don't have "Object xxx create" report for your object) edit the "COM_ObjectCreationHookedFunctions.txt" located in Winapioverride directory to add the API creating your com object

Best Regards

Share this post


Link to post
Share on other sites

Yes winapioveride32 does the job just fine, but I cant roll out the app as a production quality fix to all of the clients. I have spent weeks and weeks on this one and I am at the pretty much give it up stage but I am determined!!

Basically I need an alternative method to grab an instance but without relying on a look up in the running object table! I have scoured the net and it looks like a proxy wrapper might be the answer but it is way above my head!

Thanks

Share this post


Link to post
Share on other sites

Yes winapioveride32 does the job just fine, but I cant roll out the app as a production quality fix to all of the clients. I have spent weeks and weeks on this one and I am at the pretty much give it up stage but I am determined!!

Basically I need an alternative method to grab an instance but without relying on a look up in the running object table! I have scoured the net and it looks like a proxy wrapper might be the answer but it is way above my head!

Thanks

If you don't use Running Object Table, the wrapper is the only easy solution as you can't do hooking like winapioverride for commercial products.

The trouble is that you have to rename the original dll containing ocx control to produce you own ocx dll ocx control, but if original ocx control is a standard one (not yours) this is too much dangerous in case of component update (your own will be overwritten)

The best description for this method (with source code) can be found here http://www.codeguru.com/cpp/com-tech/activ...icle.php/c5563/

Another solution could be to use winapioverride "Com tools" / "Show method Address" which gives you address of

1) the VTBL (you can next change its content to point to new functions)

2) functions addresses in the binary (you can change function content)

But any way it's quite dirty muttley

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0