How to intercept a call to a DLL from a program?

A

AleVerDes2016-01-22 16:21:55

reverse engineering

AleVerDes, 2016-01-22 16:21:55

Good afternoon!
I need to know when a call is made from a program (written in VB, there are no sources, there is a decompiled version) to a DLL (written in unknown language, the structure is visible through Depedency Walker).
In the "source" of the program, I see a huge number of functions, but I know for sure that more than half of them are not used. You need to run some kind of debugger, connect it to the program process and run the program usage scenario, and in the debugger you can see when and what is called from the outside.
Is it real? Can some OllyDbg help to do this, or are there special programs for such actions?
Thanks in advance for any help.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

AleVerDes, 2016-01-22
@AleVerDes

All my suffering was solved by the WinAPIOverride program

V

Vladimir Martyanov, 2016-01-22
@vilgeforce

Analysis of target DLL exports -> generating shim DLL with logging code -> slipping shim. PROFIT.

P

Peter, 2016-01-22
@petermzg

In the same VS, you can put a breakpoint on a memory address.
To calculate the address, you need to take the base address of this dll from the loaded dlls tab and add the function offset, which can be seen in Depedency Walker.