by using "wrapper" dll's, or api hooking, you can do this. basically, you create a shell dll that exports all of the same functions and each export logs and calls the equivilent actuall dll export. this is a software cracker / reverse engineer trick that has a lot of applicibility in research context. Signed, Ryan Permeh eEye Digital Security Team http://www.eEye.com/Retina -Network Security Scanner http://www.eEye.com/Iris -Network Traffic Analyzer http://www.eEye.com/SecureIIS -Stop Known and Unknown IIS Vulnerabilities ----- Original Message ----- From: "Shripal" <meghaniat_private> To: <secprogat_private> Sent: Sunday, January 06, 2002 11:34 PM Subject: DLL Watching > [shrip] Is there any way of monitoring which processes are loading which > dlls at realtime?? > > >
This archive was generated by hypermail 2b30 : Tue Jan 08 2002 - 12:14:26 PST