image


Paul Bunyan Freeware Addons:

The tools and utilities below are freeware and meant as samples and 'helpers'. No warranty, expressed or implied, is provided.

Where applicable, the 'Details' link describes the tool and its particular usage. The associated DLL, EXE, or other file of interest may be downloaded directly by clicking the desired link. Associated .zip files contain Visual Studio samples or projects for the tools themselves, so that code may be viewed or modified and rebuilt.

NOTE: Text files (.bas, .h, .rul, .sql, etc. as well as the Details (.htm) pages themselves) may be downloaded and saved by right-clicking on them. renaming one text file.

 
Name Tool Description Downloads
Commandline Logger

Program logs its command line arguments and environment variables.  Used for debugging process and batch file invocations.

Details
PBArgs.exe
PBArgs.zip
ODBC Trace DLL DLL exports ODBC callback entrypoints for use in monitoring/logging ODBC activity and arguments.  The DLL is substituted for "ODBCTrac.dll" on the Tracing tab of the Data Sources (ODBC) Control Panel applet.  Traced ODBC activity is then logged to Paul Bunyan instead of disk files. Details
PBODBCTrace.dll
PBODBCTrace.zip
Socket Interceptor The Socket Interceptor intercepts and logs TCP/IP socket conversations by acting as a middleman between the client and server - simulating both client and server to the real server and real client.  It accomplishes this by simulating the server (i.e. listening for incoming connection requests) on the 'Simulation' IP and port and, upon connection, connecting in turn to the real server on the 'Actual' IP and port - in effect simulating the client.  It then redirects all data back and forth between the real client and real server while logging it. Details
PBSocketInterceptor.exe
PBSocketInterceptor.zip
API Interceptor The API Interceptor is a DLL that when loaded into a process hooks a variety of imported DLL entry points so that it can intercept and log errors associated with them.  (One use of this functionality is the redirecting of OutputDebugString() logging to Paul Bunyan.)  New functions are added regularly and users can easily modify the source code to add their own whether operating system APIs or even those of 3rd party libraries. Details
PBAPIInterceptor.dll
PBAPIInterceptor.zip
PBAPIInterceptor.h
PBAPIInterceptor.bas
VB Demo Project

A simple Visual Basic application that demonstrates some of the usage of Paul Bunyan and the Message Logging Capabilities that are available to the developer.

PBVDDemo.zip




Command Line Logger

PBArgs.exe is a diagnostic tool used to debug program invocations.  Typical uses are in diagnosing problems with batch files, shell scripts, make (.mak/.mk) files, tool executions, event handlers, etc.  The program logs out its command line arguments followed by its environment variables.

Back to top




ODBC Trace DLL

PBODBCTrace.dll was created using the ODBC trace sample included with Microsoft's Platform SDK.  The sample is effectively the source code for the standard ODBCTrac.dll.  As originally coded, the DLL logs all monitored activity to the file specified on the Tracing tab of the ODBC Data Source Administrator control panel.  PBODBCTrace.dll leaves the sample code essentially unchanged with the exception of logging ODBC activity to Paul Bunyan instead of to disk files.

To use the PBODBCTrace.dll follow these four  simple steps:

  1. Copy the .DLL file to the System32 directory.

  2. Open the ODBC Data Source Administrator control panel applet to the "Tracing" tab.

  3. Select PBODBCTrace.dll as the "Custom Trace DLL".

  4. Under "When to trace", click the "Start Tracing Now" button (replaced by Stop Tracing Now in the illustration).

ODBC Data Source Administrator control panel applet

Any ODBC applications started after PBODBCTrace.dll has been installed and activated will cause ODBC traffic to be logged to Paul Bunyan until the "Stop Tracing Now" button is clicked.

A typical Message Details screen follows:

Message Details  

Open the ODBC Data Source Administrator control panel, advance to the "Tracing" tab, and click the "Stop Tracing Now" button to disable logging. Text

Back to top



Socket Interceptor

The Socket Interceptor intercepts and logs TCP/IP socket conversations by acting as a middleman between the client and server - simulating both client and server to the real server and real client.  It accomplishes this by simulating the server (i.e. listening for incoming connection requests) on the 'Simulation' IP and port and, upon connection, connecting in turn to the real server on the 'Actual' IP and port - in effect simulating the client.  It then redirects all data back and forth between the real client and real server while logging it.

Note: A useful familiarization exercise is to configure the Socket Intercepter to intercept the conversation between an email client and email server and search for user logon information.

Back to top




API Interceptor

Paul Bunyan's API Interceptor is a DLL that when loaded into a process hooks a variety of imported DLL entry points so that it can intercept and log errors associated with them.  Once loaded it also hooks API calls associated with the loading of additional DLLs so that it can hook them as they are brought in.

The API Interceptor is based entirely on original work by John Robbins - columnist writer of "Bugslayer" for (then) MSJ.  It was originally created to simply trap and redirect logging done via the operating system call OutputDebugString().

The utility was reworked to intercept OutputDebugString() calls and direct the logging to Paul Bunyan but has also been extended to intercept a number of other imports as well.  At present, the interceptor is coded to only log functions in the case where there is an error - as opposed to 'tracing' function calls in which case it would log all activity whether in error not.

As the call hooking is done on a fairly low level it is independent of such things as programming language and is entirely a matter of simply loading the DLL into the process space.  Accordingly, the API Interceptor may be used with C++, Visual Basic (whether in compiled form or running in the IDE) , from within database engines, web servers, etc.  DLL load functions are provided for C++ and VB.

The source code is written in highly templated format for the express purpose of streamlining the addition of intercepted imports and is in essence, quite trivial.  While Diamond Sierra regularly adds new functions, users are also encouraged to add their own as well whether operating system APIs or even those of 3rd party libraries.  Any such additions are more than welcome and may be submitted for inclusion with the downloadable copy by simply emailing the updated 'Functions.cpp' file to: support@DiamondSierra.com.

API calls intercepted in latest version:

OutputDebugString
LoadLibrary
LoadLibraryEx
CreateFile
CLSIDFromProgID
CoCreateInstance
CoCreateInstanceEx
Back to top




Contact us | View site map


image


image
image
image
ęCopyright 1997-2010 Diamond Sierra Software All Rights Reserved
For more information feel free to Contact Us

Apollo Beach Internet Web Design and Hosting
ęSite Design 2009-2010