i need to hook a file saved from windows7 executable. Im python

I need to get the output of an executable ( think notepad.exe) then capture the save file. I have found some documentation which would help but I cannot implement due to 0 experience with c++. http://j00ru.vexillium.org/syscalls/nt/64/ https://github.com/jingpu/pintools/blob/master/source/tools/ManualExamples/strace.cpp https://software.intel.com/sites/landingpage/pintool/docs/71313/Pin/html/

c++intel ntcreatefile pin syscall

2nd Oct 2017, 4:28 AM

jason :)

6 Answers

+ 3

@Jason, I see your code, but honestly, I only get very little of it, anyway I see that you're code was meant to launch the craftware app, but you didn't specify any command line arguments to pass, I thought you would pass a file name for it to process or something? how craftware knows which file it should work on? I googled about craftware to find that is an app for transforming 3d objects into digital file? I don't really understand their intro.

2nd Oct 2017, 11:49 PM

Ipang

+ 3

@Jason, sounds tough, I'm afraid it's far beyond my knowledge, anyway, if you don't mind me asking (again), what are the works that done manually, and how's your plan for automating the manual works, I can understand you're very busy with this, just couldn't help the curiosity.

3rd Oct 2017, 1:41 AM

Ipang

+ 3

@Jason, best of luck on the project, sorry I can't help you with that, maybe if I find something, and you're still working on it, I'll pass it on. Thanks for sharing :)

3rd Oct 2017, 2:56 AM

Ipang

+ 2

May I ask what is it exactly that you want to do that makes you need to use system calls? I may not be able to help, just asking for curiosity?

2nd Oct 2017, 4:49 AM

Ipang

+ 2

You want to use python to run an exe and get its result? If so look at the subprocess module. https://docs.python.org/3/library/subprocess.html

2nd Oct 2017, 4:56 AM

ChaoticDawg