Win32 Debug API
-
I need to write a debugger which will execute an process and I need to get notification when that process will write or modify any thing on the hard disk. Can we keep watch on any process for getting info when that process will write to hard disk? I have read something about "Win32 Debug API". Can any one guide me or give me any demo code for this?
-
I need to write a debugger which will execute an process and I need to get notification when that process will write or modify any thing on the hard disk. Can we keep watch on any process for getting info when that process will write to hard disk? I have read something about "Win32 Debug API". Can any one guide me or give me any demo code for this?
chandni_chandrakant_maheta wrote:
I need to get notification when that process will write or modify any thing on the hard disk.
There is no such notification. You'd have to inject hooks into all the I/O functions in the Win32 API to handle this, kind of like how FileMon does it.
chandni_chandrakant_maheta wrote:
Can any one guide me or give me any demo code for this?
You probably won't find any specific to this application. No, I don't have any links or examples myself.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007 -
chandni_chandrakant_maheta wrote:
I need to get notification when that process will write or modify any thing on the hard disk.
There is no such notification. You'd have to inject hooks into all the I/O functions in the Win32 API to handle this, kind of like how FileMon does it.
chandni_chandrakant_maheta wrote:
Can any one guide me or give me any demo code for this?
You probably won't find any specific to this application. No, I don't have any links or examples myself.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007Thanks for your reply. Dave Kreskowiak wrote: You'd have to inject hooks into all the I/O functions Can you please give me any sample code or any article from where I can know how to inject hooks for an I/O function.
-
Thanks for your reply. Dave Kreskowiak wrote: You'd have to inject hooks into all the I/O functions Can you please give me any sample code or any article from where I can know how to inject hooks for an I/O function.
Hello, You can see FileMon and RegMon sources. FileMon sources are most important for you. You can get thiers here[^]