Page 1 of 2 12 LastLast
Results 1 to 15 of 16

Thread: Profiling / debuggin Dll method calls at run time

  1. #1
    tallashk
    Guest

    Profiling / debuggin Dll method calls at run time

    Hi

    I want to profile/ Debug method calls made to dll in an application.

    This is a third party application and I need to know how does it process (infact need to know the algo)

    Is there any way to profile it or debug it.

    The application is a delphi com + application

    Please help

    Regards,
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    I am assuming that the methods/calls are exported. If they are, there are HUGE amount of tools available on the net that do so:

    1. AQtime
    2. ANTS profiler
    3. Intel Vtune
    4. ... and so many, many more...

    hell, you can even CRUDE profile with Ollydbg...

    All versions of all softwares mentioned above are boldly cracked and available for free on the internet... if you know how to use google, that is.

    Have Phun
    Blame Microsoft, get l337 !!

  3. #3
    tallashk
    Guest
    problem is that these programs gives me assembly code of it.. I need to know the method calls if possible. I tried Ollydbg but still getting assembly code. Is it possible to find out when a dll is loaded in memory and find the exact method call when there is some event.
    Its a third party application with loads of dlls. All that i need is to know which particular methods have been called...
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    If you are just interested in which exported DLL functions have been called, why do you care about assembly code or source code at all? What you seem to need is an API logger / DLL call logger.
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  5. #5
    tallashk
    Guest
    yes thats exactly i need
    Most softwares are not giving anything like this.. is it possible if you can guide me few tools that can help.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    BoundsChecker, AutoDebug, ...
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  7. #7
    tallashk
    Guest
    cheers ill try them.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    tallashk
    Guest
    AUTOdebug i can go and can find out the calls to dlls but still i dont know which methods are being called and used.

    am I missing something or do i need to do something extra to know the exact calls (readable way ) not the assembly.

    Sorry if I am being awkward here.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    You seem to be after the source code after all, and in that case you're looking for a decompiler:

    http://www.woodmann.com/collaborative/tools/index.php/Category:Decompilers

    Be warned though that this task is not easy at all, and especially not with object oriented languages, which apparently seems to be the case with your target...
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

  10. #10
    He wouldn't be attempting to "borrow" the code....would he???

    Regards,
    JMI

  11. #11
    tallashk
    Guest
    no all that I am after is to see particular method calls. Its a delphi Com application that calls some server dll components and I want to use them to do some automation work by using those components. I am not attempting to borrow code as all that I am trying to do is to write a component for same application that will ease the job.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  12. #12
    <script>alert(0)</script> disavowed's Avatar
    Join Date
    Apr 2002
    Posts
    1,281
    Set a breakpoint on every function in the server DLL and log the arguments passed to them.

    I think Process Stalker has this kind of functionality (although you may have to do some tweaks).

  13. #13
    tallashk
    Guest
    is it possible to get real name of functions as all that i am looking for is particular methods calling in a module of application instead of getting assembly. of the code. ( I am not good in assembly )
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  14. #14
    tallashk
    Guest
    The way this application process is this.
    Loads the exe, calls the hook and resource dll and then it calls the related dll's through hook. I can see the methods in exe but can't see the method calling at run time. I tried saveral tools but most of them shows that dll is loaded but the funcation calls at run time is not coming up in clear way.
    I am not good in reverse engineering and assembly so thats why I am asking again n again ... sorry for being odd...
    cheers...
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  15. #15
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Just like I already told you above, a decompiler is your only choice in that case, if you don't have access to debug symbols or source code.
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

Similar Threads

  1. Hi all, it's time for a new interesting tutorial, this time SSlEvIN took time for a j
    By Shub-nigurrath in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: March 5th, 2010, 15:58
  2. Profiling with OllyDbg?
    By rlm12345 in forum OllyDbg Support Forums
    Replies: 1
    Last Post: June 8th, 2006, 12:12
  3. question about debuggin an app and preventing registry access..
    By Mrklippel in forum Advanced Reversing and Programming
    Replies: 5
    Last Post: April 20th, 2004, 09:36
  4. debuggin technique? dumping eip
    By fred in forum Tools of Our Trade (TOT) Messageboard
    Replies: 1
    Last Post: January 16th, 2003, 14:58
  5. Profiling ->PURE<- Binary without source!!
    By Aimless in forum Tools of Our Trade (TOT) Messageboard
    Replies: 0
    Last Post: March 9th, 2002, 10:59

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •