Help

Discussion on Help within the General Coding forum part of the Coders Den category.

 
#1
 
matmin
 
elite*gold: 270
Join Date: Apr 2012
Posts: 320
Received Thanks: 95
Help

How can I view what a program does precisely on my computer?
If it opens a file, if it connects to a website... and so on.
08/03/2012, 12:36   #2
 
kissein
 
elite*gold: 0
Join Date: Sep 2005
Posts: 427
Received Thanks: 87
I prefer IDA Pro for static analysis, but it's not free.
08/03/2012, 12:47   #3
 
matmin
 
elite*gold: 270
Join Date: Apr 2012
Posts: 320
Received Thanks: 95
How does it work?
08/03/2012, 13:14   #4

Jeoni
 
elite*gold: 966
Join Date: Apr 2010
Posts: 1,105
Received Thanks: 681
It will disassemble the program and you can analyse the ASM source in order to get the information you want.
But for this method you need a lot of ASM knowledge.
I heard that the program you need is called "Sandbox". I've never tried it, but I heard that it will execute the program in a virtual machine and give you information about the changes that the program was making during its execution. As far as I know there are sandbox programs which you have to install on your PC and sandbox websites on which you upload the suspicious file and get the analysis reports. But as I said: I never tried it, I just heard of it.
Thanks
1 User
08/03/2012, 13:53   #5
 
matmin
 
elite*gold: 270
Join Date: Apr 2012
Posts: 320
Received Thanks: 95
Oh thanks
08/03/2012, 22:10   #6
 
elite*gold: 0
Join Date: Jul 2010
Posts: 388
Received Thanks: 196
FileMon - allows you to view file-system-level traffic. You pretty much see any access to the file system made by any process.

TCPView - view open TCP/UDP connections of any process; it can't view traffic.

TDIMon - like TCPView, but for any socket connection.

RegMon - monitor registry access.

PortMon - port monitor.

Process Explorer - like an advanced task manager with loads of information on running processes.

Some of these might not exist anymore. I took them from "Secrets of Reverse Engineering"; just google for them.
SmackJew
08/03/2012, 22:16   #7
 
kissein
 
elite*gold: 0
Join Date: Sep 2005
Posts: 427
Received Thanks: 87
They're all part of the Microsoft Sysinternals package.
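Added example, not from anyone in this thread: Sysinternals later merged FileMon and RegMon into Process Monitor, which can export its event log as CSV, and the script below groups one process's exported events into the files, registry keys and remote endpoints it touched, the things it changed, and the accesses that failed. The CSV rows are constructed, and the column layout and operation names assume Procmon's default export (Time of Day, Process Name, PID, Operation, Path, Result, Detail).

```python
import csv
import io

# Constructed sample in the default Process Monitor CSV export layout
# (Time of Day, Process Name, PID, Operation, Path, Result, Detail).
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"12:36:01.0001","game.exe","4120","CreateFile","C:\\Users\\me\\save.dat","SUCCESS","Desired Access: Generic Read"
"12:36:01.0002","game.exe","4120","ReadFile","C:\\Users\\me\\save.dat","SUCCESS","Offset: 0, Length: 4,096"
"12:36:01.0003","game.exe","4120","WriteFile","C:\\Users\\me\\AppData\\Local\\Temp\\upd.tmp","SUCCESS","Offset: 0, Length: 512"
"12:36:01.0004","game.exe","4120","RegSetValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\game","SUCCESS","Type: REG_SZ"
"12:36:01.0005","game.exe","4120","TCP Connect","mypc:49812 -> 203.0.113.10:443","SUCCESS","Length: 0"
"12:36:01.0006","game.exe","4120","CreateFile","C:\\Windows\\System32\\missing.dll","NAME NOT FOUND","Desired Access: Read Attributes"
"12:36:01.0007","explorer.exe","1480","RegQueryValue","HKCU\\Software\\Classes\\Local Settings","SUCCESS","Type: REG_DWORD"
"""

# Operations that change state on disk or in the registry (Procmon operation names).
WRITE_OPS = {"WriteFile", "SetDispositionInformationFile", "SetRenameInformationFile",
             "RegSetValue", "RegCreateKey", "RegDeleteValue", "RegDeleteKey"}
NET_OPS = {"TCP Connect", "TCP Send", "TCP Receive", "UDP Send", "UDP Receive"}


def summarize(csv_text, process_name):
    """Group one process's Procmon events by what they touched."""
    out = {"files": set(), "registry": set(), "network": set(),
           "modified": set(), "failed": set()}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process_name.lower():
            continue
        op, path, result = row["Operation"], row["Path"], row["Result"]
        if op in NET_OPS:
            # Procmon renders network paths as "local:port -> remote:port".
            out["network"].add(path.split("->")[-1].strip())
        elif op.startswith("Reg"):
            out["registry"].add(path)
        elif op.endswith("File"):  # CreateFile, ReadFile, WriteFile, ...
            out["files"].add(path)
        if op in WRITE_OPS and result == "SUCCESS":
            out["modified"].add(path)
        if result != "SUCCESS":
            # Failed lookups (e.g. NAME NOT FOUND) show what the program was looking for.
            out["failed"].add(f"{op} {path}: {result}")
    return {key: sorted(values) for key, values in out.items()}


if __name__ == "__main__":
    for key, values in summarize(SAMPLE_CSV, "game.exe").items():
        print(key)
        for value in values:
            print("   ", value)
```

The "modified" bucket is the quick answer to "what did it change", and an autorun key or a temp-directory write showing up there is what you would follow up on first.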