Comments (4)
That is a huge task,
which involves writing a debugger to monitor module loads...
from dependencies.
Exactly. If one day I wanted to implement this feature, it would be a separate tool anyway.
In the meantime ProcMon, wtrace and a good breakpoint with Windbg can do the job.
from dependencies.
Loader snaps (gflags /i process.exe +sls
) + a debugger or DbgView to view the output is even simpler,
and it also shows why a dll load fails (if it fails), as well as the reason why a dll is found.
from dependencies.
How dependencies handles this:
- It starts the target process under a debugger (dependencies is the debugger)
- It injects a dll in the target process
- It redirects all LoadLibrary[Ex][A|W] and GetProcAddress imports from all dlls in the target process to this dll (this is done from the dependencies process)
- The dll logs the result of these functions using OutputDebugString, which is captured in dependencies.
There are multiple ways to implement this, but these seem to be the most obvious:
- Start a process under a debugger
- Inject a dll (Either from the debugger, or as verifier plugin,see note 1)
- Redirect the functions (either from the debugger, or from the dll itself, see note 2)
Note 1:
The downside of this method is that the dll should be in system32.
However this means we can leverage the verifier subsystem to hook the relevant functions (which makes point 2 no longer a concern)
Note 2:
Hooking the functions can be done from the debugger (host) process, which is slightly more complicated,
or from the injected dll itself. The original depends is doing it from the host process, but I do not know if there is a good reason for this.
When adding support for this feature, would it be a problem if there is a requirement to drop support dll's in system32? (requiring elevation)
from dependencies.
Related Issues (20)
- PowerShell module
- Antivirus quarantine triggered HOT 1
- Dependencies crashes on windows10 machine after windows update HOT 3
- Items under "Recent Items" will be duplicated HOT 1
- Ships with too many files HOT 1
- [ DependenciesGui ] Opening a DLL with the same path but different contents shows the same result. HOT 2
- [Question] How can I run the DependenciesGui.exe in WINE? HOT 2
- Better support Windows driver files
- Stupid to require framework 4.6 HOT 4
- Unable to list global exported functions within the namespace
- H
- Can't find file on disk any more - but it did find it? HOT 1
- After modifying the dll, the software does not change HOT 1
- Support import (.lib) and export (.exp) libraries HOT 1
- Unknown Missing Dependency Error in dll audio plugin
- Crash started occuring at each new launch of DependenciesGui.exe
- 'Dependencies is currently shipped as two binaries' HOT 2
- Difficulty interpreting output; an error box
- can't run exe in windows 11-24h2?
- Confusing output in the lower side of the window HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dependencies.