Sugetion to how or where start to create a integration/automation app

Question

0.00/5 (No votes)

See more:

Hi everyone! I'm familiar with C++ and a sort of assembly reference, I wanted to get more knowledge about finding info on memory with and C++ for system integration purposes. I work on a clinic and lot of times user needs to type system info on external sites/systems, most of the time I can get these info simple by memory pointing, but sometimes there's a lot of hard info to find on memory, like dinamic data, unknow data structure for my actual knowledge.

What you guys suggest for me to start? Books, Tuts and etc.

Just did some reversing tuts, but most of then is for cracking and invasive purposes, in most of situations I just need to get info from memory and window controls.

Thank you!

EDIT:

You guys helped me here. But even with some experience with C, Memory, ASM and debuggers I can't figure out how and where to start. Here is some Screen Shots of the application.

http://i1226.photobucket.com/albums/ee405/RazielLOK/smart/SS001_zpse152c393.png

http://i1226.photobucket.com/albums/ee405/RazielLOK/smart/SS002_zpsfcfc70d1.png

http://i1226.photobucket.com/albums/ee405/RazielLOK/smart/SS003_zpsb06ba6b1.png

What I want is to take the information marked yellow and fill that extracted info into the third screen, which is a web application. The second screen is a code edit (marked green) that is the authorization code for the medical procedure which need to be retrieved from the web application.

It is actually a automation routine. Take info from the application, fill the web app with that info, execute the web app, retrieve the authorization code and insert into the code edit.

Where and how can I start? If anyone need more detail just ask. Any help will be appreciated.

Tried to get the data by memory, some are window data and always change the address, maybe I'm using wrong pointers, dunno yet. Other can't be viewed with gettext method.

I think it can be done with some aob pattern scan. But I need to understand better how the data of the controls are stored in memory.

It could be easily done with dumb key pressing scripts, but I'll have a lot of problem with the users. And the info can be retrieved from the SQL database but it will generate a lot of connections to get info that is already on the screen.

Thank you guys.

Posted 12-Aug-13 8:40am

Ricardo Silva

Updated 14-Oct-13 2:31am

v3

Add a Solution

Comments

Sergey Alexandrovich Kryukov 12-Aug-13 14:45pm

Okay, invasive purposes... How about your purposes, not invasive ones? Why assembly is used? And why not inline assembly in, say, C++? And why you face some problems in binding between Assembly and C++ code? what kind of problems? It actually strongly depends on how ASM code is written and documented, because it's possible, for example, not to follow any commonly used calling conventions or mix those...

I would say, the question is too vague.

—SA

Philippe Mori 14-Aug-13 8:41am

You never need assembly to access memory. C++ can access any memory assembly code can access.

By the way,you should always get information through provided APIs and never try to access undocumented structures in memory as there is no guarantee on the format and it might change between OSs version and architecture or it might not even be accessible to user-code or it might be accessible only from the original process (memory page mapping)

Andreas Gieriet 11-Oct-13 15:38pm

I'm confused: you talk about C/C++/assembly/memory/addresses etc. and in the same go you talk about windows controls and web pages to get/put data from/to. So, you want to spy one application to get some data that was entered by a user (or retrieved from a database) to a web application? Is this unterstanding correct? I'm confused.
So you try to work around industry standard SQL queries with spying the apps memory? Please tell me that this is not true!
I understand that you work in a medical environment. You know about regualtory requirements, I guess... I hope it's not my blood sample you try to process like this. What kind of institution are you working for?
Cheers
Andi

enhzflep 12-Oct-13 10:42am

Ahh, that's better now that the images work.
Um, I don't see any mention of Spy++ here. It comes with VS (there are many free variants) and will allow you to see the properties and styles of a window. It will also give you the HWND of controls.
So, if you extract information from those boxes with your eyes by querying them for their contents (i.e, by looking at and concentrating on them), why not follow a similar approach for programatically extracting the data? I.e, Use any one of a number of techniques to get the HWND of controls you're interested in. Then simply send/post a WM_GETTEXT message to it or use GetWindowText or GetDlgItemText. I'm not sure which if any has restrictions on sending the message between processes.

Assuming I was prepared to operate on clinical data in such a manner, If possible, I'd use spy++ to get the ID of each of the controls. I would then get the HWND of the main program - probably by searching for a window with the title you've blacked-out. Though, this may not work if the program changes it's window title, as many do to reflect the name of the data file currently loaded.

So, I'd use spy++ to get the ID of the items you've marked in yellow. I would then use FindWindow or similar to get the HWND of the main program. After doing these two steps, I'd then use GetDlgItemText or GetDlgItemInt to get the info you need.

I approach this question from a pragmatic perspective. I like Andreas am more than a little uncomfortable with the use of such techniques on any data of a medical - or more specifically, non-trivial nature. You _can_ drive your car through a shopping mall - it certainly isn't a good idea though! - even if it does save you driving around the outside by driving straight through the middle...

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

H.Brydon · Answer 1 · 2013-08-12T09:52:00

Solution 1

If you are trying to understand programming or do something for a small office/business, there is nothing you need to learn in the world of assembly. You should drop that pursuit and strive to understand controls and memory structures from higher level languages such as C++ or java.

The resources for conventional programming languages are almost too obvious and numerous to attempt to list here.

Posted 12-Aug-13 9:52am

H.Brydon

Comments

Sergey Alexandrovich Kryukov 12-Aug-13 16:33pm

I would prefer to hear from OP why ASM is used; in particular, to answer my questions. It could be anything, including some legacy parts of project already written in assembly and working well enough...
—SA

pasztorpisti 13-Aug-13 0:08am

5ed. From what I can get out from the question I'm almost sure that there is no need for assembly. Even in cases where assembly is needed people usually try to minimize the amount of assembly because its hard to read/understand and platform dependent.
I've played around a lot with assembly and its almost always enough to have one or two helper assembly methods even in the worst case. Minimizing the amount of assembly code is art, I remember that once I've rewritten one of my (invasive, injected) assembly tools in full C/C++ without a single piece of assembly. That was the second rewrite with a few years gap between rewrites. Few years before that I couldn't rewrite without assembly, the first C rewrite contained several (around 10) assembly patches. Minimizing the inline assembly and eliminating it often requires extensive knowledge of both assembly and the high level language. Sometimes writing asm-less code requires even better understanding of the problem and the used languages and requires you to become a better software developer in general. Knowing both bare metal language and high level stuff is very useful so if OP has the time and the right mood then I would advise learning some assembly but its quite possible to do programming without asm. Some prior assembly knowledge would automatically answer the most difficult questions of beginner C/C++ programmers: How pointers work? How to manage memory? ....

Ricardo Silva 13-Aug-13 14:00pm

OK, I just mentioned it because it may require code caving to get hard info that is generated in time, but for what I want it may not require it at all. The thing is, I did some code that worked out for autoit and autohotkey, the problem is these kind of script programs sometimes don't get the text from the window and mess with all the rest, and some of the info are on memory only, not visible or hidden on window controls. I think I can even do that stuff without C++, I just need a better understand of the data structure on the memory.

Sorry for the vague question, I'm at work. But I'll try to put some more info about it. Thank you all for the answers. But is what H.Brydon said, If everyone know articles, books and etc about memory structures and memory data stuff will be very appreciated.

pasztorpisti 15-Aug-13 1:26am

If you are trying to gather info from the memory of another process and this info retrieval doesn't involve calling functions inside the other process then I would go by opening the other process (OpenProcess) and would read its memory from outside (ReadProcessMemory) like a debugger does with its debugged process. This is much easier and cleaner solution. If you have to inject code then its much easier to write the injectable code in a high level language like C/C++ and then get the dll into the target process. This way only the injection is messy but you can write the dll code comfotably in C/C++.

Ricardo Silva 11-Oct-13 15:13pm

Updated the question to be more especific.

enhzflep 11-Oct-13 16:59pm

Image links no longer work. Please update links to point to valid URLs.

Ricardo Silva 14-Oct-13 8:31am

links are ok now.