Is it possible to see inside a dll....
I have a dll that is used in a Custom Action in a vendor msi that I would like to explore to see what command line the Custom Action uses when running an msi through a dll call!
The Custom Action is a dll call to a dll called ISScriptBridge.dll and the Function name is f21.
Any ideas?
The Custom Action is a dll call to a dll called ISScriptBridge.dll and the Function name is f21.
Any ideas?
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
nheim
17 years ago
Hi Mark,
there is no 'easy way' to do that. The most important thing is, to get everything out of the logfiles. And there is fotunately more in them, than most people belive. The next step could be to use regmon and filemon during an install and look what's going on there.
To further dig in, you would have to use a debugger/disassembler, but this can easy take hours or even days of inspection.
Regards, Nick
there is no 'easy way' to do that. The most important thing is, to get everything out of the logfiles. And there is fotunately more in them, than most people belive. The next step could be to use regmon and filemon during an install and look what's going on there.
To further dig in, you would have to use a debugger/disassembler, but this can easy take hours or even days of inspection.
Regards, Nick
Posted by:
kkaminsk
17 years ago
I wonder if you could hook dependency walker to MSIEXEC and then watch the custom action dll call from there?
Posted by:
AngelD
17 years ago
That's an possibillity I've never thought about, will have to try that sometimes.
But don't think thats gonna give you exactly what it does, only what function calls.
Softice or IDA Pro Disassembler should do better but start learning those assembly language cause it wont be easy ;)
But don't think thats gonna give you exactly what it does, only what function calls.
Softice or IDA Pro Disassembler should do better but start learning those assembly language cause it wont be easy ;)
Posted by:
AngelD
17 years ago
Function calls through ISScriptBridge.dll will mostly query the database (session) so by using DebugView you'll likely see whats happening.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
