0

I'm wondering if something like that is even possible but lets imagine I could get a program's thread, listen it somehow and when the thread calls any function to external dll, I would receive the functions name or at least its address or something so I could somehow identify function and where it went. Perhaps if possible then even get the params what were sent with the function. ( if possible including c++ standard functions like fread, cout etc.. )

Thank you!

Fadey Anomaly
  • 1
  • 4
  • Yes, this is in principle possible, but difficult to pull off depending on the circumstances. For instance, you could basically write your own debugger and that does this, which would then work under the same conditions a debugger would (privileges to accessed process, debug symbols for the function available). There are other possibilities with different trade-offs, but as it currently stands, I fear your question is too broad to be answered. Can you maybe elaborate a bit more on what exactly you are trying to achieve? – ComicSansMS Dec 05 '17 at 09:05
  • Possible duplicate of [SO: Monitoring application calls to DLL](https://stackoverflow.com/q/311268/7478597). Another interesting link: [Tracing API calls on Windows](http://billauer.co.il/blog/2010/07/strace-ltrace-win32-api-dll/). Found this by googling "Windows trace dll function calls" remembering `strace` of Linux. – Scheff's Cat Dec 05 '17 at 09:06

0 Answers0