3

I've never really had to debug Classic ASP, so this is a little rough and most likely a poor question, but I have done as much research as I could before asking.

I have a request to identify what code prints to a printer, and re-use that code in a new page that someone has built.

While trying to identify that, I've stumbled on a few things that I don't understand, but namely one big one.

The gist is, people can order cookies from the cafeteria, and when they submit, it shows a confirmation page and that order is sent to a printer.

To get a list of cookie options, there's a Server Object created, and from there a method exists, but I cannot identify where it is or where I should be looking. Here's the code:

<%
    On error resume next

    Const CATAGORY_COOKIE = 1

    Dim cookieNames
    Dim objCookie
    Dim Count

    Set objCookie = Server.CreateObject("CookieOrder.CookieRequest")
    if objCookie Is Nothing then
        Response.Write "Error"
        Response.End
    End if

    cookieNames = objCookie.getAvailable_Item_Names(CATAGORY_COOKIE)
    Count = objCookie.Count

    Dim sz
    sz = Split(cookieNames, ";")
    Set objCookie = Nothing
%>

How do I identify what the Server Object is? There's a .dll file that contains binary, but I'm not familiar with how that could be utilized.

I have tried to follow the browser dev tools, but they really haven't been too helpful in this aspect.

I am hoping that learning how this code is executing or where it's being executed I will figure out my other problems.

user692942
  • 16,398
  • 7
  • 76
  • 175
Mark C.
  • 6,332
  • 4
  • 35
  • 71
  • Take a look at this post on how to crack open dll files. http://stackoverflow.com/questions/18050615/how-to-open-dll-files-to-see-what-is-written-inside – WorkSmarter May 11 '15 at 19:23
  • So, the `.dll` contains some source code that I need to somehow view in human-readable format and it should all make sense? – Mark C. May 11 '15 at 19:41
  • Yes, the dll is compiled source code. A tool like DotPeek will decompile the binary file into a readable format. Some digging would be required to determine what is happening within the code. – WorkSmarter May 11 '15 at 19:56
  • I must be using it incorrectly. I suppose I can't just drag the dll into dotPeek? – Mark C. May 11 '15 at 19:58
  • Be sure to check out the video on the site https://www.jetbrains.com/decompiler/ – WorkSmarter May 11 '15 at 19:59
  • 1
    Pretty basic question and I assume you've already asked, but do you possibly have access to the source for the server object since you're making changes to a web application that depends on this library? I might check in Component Services snap-in to look for COM+ objects. – mjw May 11 '15 at 20:18
  • @mjw Honestly, I'm not sure where to even go for that. I'm not actually making changes, just trying to copy some of the code in the dll or see how some of the code in the dll is being utilized so I can replicate it. – Mark C. May 11 '15 at 20:19
  • 1
    Understood. For me, it's always easiest to work with the original source directly, even if only to understand how a class and its member functions operate. If you don't have access, it looks as though others have provided options for decompiling. From your code snippet, you've got a library with Namespace = CookieOrder and Class = CookieRequest. If you only require the ability to call methods that exist in your current web application code, you should be able to use that as guidance to reproduce the functionality. Good luck! – mjw May 11 '15 at 20:25
  • @mjw Thanks! I would love to identify the source to somehow make sense of the dll. All of the tools to decompile haven't been very helpful thus far. – Mark C. May 11 '15 at 20:30
  • It all depends on the DLL and whether you have the tools to decompile it. For the ProgId `CookieOrder.CookieRequest` to be available to Classic ASP it must be COM+ capable but this doesn't necessarily mean it is a .Net DLL as COM+ pre-dates .Net. It could have been just as easily been written in VB, Visual C++ etc. – user692942 May 14 '15 at 13:51
  • If you don't know where to find the library that relates to `CookieOrder.CookieRequest`, I'd recommend looking through `HKEY_CLASS_ROOT` hive in the registry. Follow the bread crumbs by identifying the `CLSID` then search for that key to find the associated `InprocServer32` key which should lead you to the location of the DLL library. – user692942 May 14 '15 at 13:56
  • If you think you have found the DLL but don't know what compiled it I'd suggest taking a look here - [Identifying the origin of a DLL](http://stackoverflow.com/a/11822845/692942) – user692942 May 14 '15 at 14:01
  • 1
    @Lankymart Exactly! Thank you for the tips. I did some of them, but didn't know about others. Luckily, I was able to find this 'project' in Subversion and identify that it is an old VB6 `.dll` and that the code I was supposed to 'lift and drop' into a new website isn't feasible because we don't develop in VB6 anymore. Thanks for your help! If you want to throw everything into an answer I'll +1 and accept. Also, throw in the tid-bit of mjw's comment about the Namespace if you don't mind (if it's correct) b/c I didn't know about that – Mark C. May 14 '15 at 14:03

1 Answers1

5

Bit of background

The project is using a COM+ component. These are defined in Classic ASP using the syntax;

Set obj = Server.CreateObject("[insert COM+ ProgId]")

In this project you are using a component registered with the ProgId

CookieOrder.CookieRequest

There are many out of the box COM+ components available to Classic ASP that provide a lot of common functionality such as;

Visual Basic Scripting Runtime
ActiveX Data Objects

There is also the ability to create COM+ components for use with Classic ASP using languages common to the time like Visual Basic, Visual C++ and more recently using the .NET Framework (C#, VB.NET).

How to locate COM+ libraries

NOTE: Please be careful when accessing the registry as modifying or deleting keys could lead to a corrupt operating system.

Also for the purposes of this guide will use the Scripting.Dictionary ProgId.

The key is using the ProgId to find an elusive COM+ library.

  1. Start %SystemRoot%\system32\regedit.exe (will work in most Windows Operating Systems)

  2. Navigate to the HKEY_CLASS_ROOT hive and select it, then press Ctrl + F to open the Find dialog box.

  3. In Find what type the ProgId in this case Scripting.Dictionary and make sure in look at only Key is checked then press Find or Find Next.

  4. If a ProgId key is found expand to the key and locate the CLSID key which contains a (Default) REG_SZ with the value of the CLSID in the case of this example {EE09B103-97E0-11CF-978F-00A02463E06F}. Double click this value to bring up the Edit String dialog copy the value into your clipboard.

  5. Return to the HKEY_CLASS_ROOT key and use Find to search for the CLSID value which in this example is {EE09B103-97E0-11CF-978F-00A02463E06F} and again make sure Look at has only Key checked then press Find or Find Next.

  6. If the key is found expand and locate the InprocServer32 key in it you will find the location of DLL in the (Default) REG_SZ value. In this example that is C:\Windows\System32\scrrun.dll (this will be different depending on installation location and OS)

What about decompiling?

There's a lot of assumption in the comments about the compiler used to compile the DLL (mainly .NET), but the best way to check is to use one of the many programs out there in the public domain designed for this purpose.

There is a specific question on SO that deals with this;

Answer by @simon-mᶜkenzie to Identifying the origin of a DLL

Community
  • 1
  • 1
user692942
  • 16,398
  • 7
  • 76
  • 175