search

hasherezade / tiny_tracer

A Pin Tool for tracing API calls etc
1.26k stars 139 forks source link

Tracking DLL #1

Closed Tare05 closed 5 years ago

Tare05 commented 5 years ago

Question

Hello!

Is there a way to get a track dump from just a DLL file specificly?

Also thanks for all the great tools, they really help me out!

hasherezade commented 5 years ago

Hello! Yes, it is possible to trace a selected DLL rather than the main EXE. First, make sure that you copied the latest run_me.bat. You will see the line:

rem TRACED_MODULE - by default it is the main module, but it can be also a DLL within the traced process
set TRACED_MODULE=%TARGET_APP%

You need to change the traced module to your DLL, i.e.:

rem TRACED_MODULE - by default it is the main module, but it can be also a DLL within the traced process
set TRACED_MODULE=user32.dll

Now it will trace the mentioned DLL and generate tags for it, i.e. user32.dll.tag

Tare05 commented 5 years ago

Thank you for your fast answer!

hasherezade commented 5 years ago

@Tare05 - you are welcome! now this topic is also covered in the Tiny Tracer's Wiki