2

I want to log the parameters which are given to a CryptoStream object in an application, to log the plaintext before it is encrypted.

I want to do this dynamically, without tampering with the original file. Is there a way to create a "layer" between the app and the framework to intercept the desired function calls, write the desired parameter to a text file, and then pass control back to the framework?

If yes, could you point me in the right direction, and give a sample?

And for those who have legal concerns about this (this sounds like a s/w cracking question, I know ;) ) : I have the permission of the developer to do this.

friedkiwi
  • 2,158
  • 8
  • 29
  • 52

2 Answers2

2

I think you can do it either writing a specific debugger or a specific profiler. Here is a link to the CLR Managed Debugger (mdbg) Sample 4.0 and a link to the CLR Profiler for .NET Framework 4 (sources and binaries)

Simon Mourier
  • 132,049
  • 21
  • 248
  • 298
0

There are several ways to do this without tampling the original file: 1.Using the SSCLI, use clix.exe to start your application and set break points in CLR source code. 2.Using Windbg+SOS.dll and load the symbols from MS, set breakpoints before the method entry. 3.the third way is new in blackhat converence. modify the system.*.dll of MS. make it to MSIL and add some IL in the Crypto method. and build it back to dll and make the application use it.

robin.lo
  • 91
  • 1
  • 4