Paul Bunyan Freeware Addons:
The tools and utilities below are freeware
and meant as samples and 'helpers'. No warranty, expressed
or implied, is provided.
Where applicable, the 'Details'
link describes the tool and its particular usage. The associated
DLL, EXE, or other file of interest may be downloaded directly
by clicking the desired link. Associated .zip files contain
Visual Studio samples or projects for the tools themselves,
so that code may be viewed or modified and rebuilt.
NOTE: Text files (.bas, .h, .rul, .sql, etc. as well
as the Details (.htm) pages themselves) may be downloaded
and saved by right-clicking on them. renaming one text file.
|
Name |
Tool Description
|
Downloads |
|
Commandline Logger |
Program logs its command line arguments and environment
variables. Used for debugging process and
batch file invocations.
|
Details
PBArgs.exe
PBArgs.zip |
|
ODBC Trace DLL |
DLL exports ODBC callback entrypoints for use in
monitoring/logging ODBC activity and arguments.
The DLL is substituted for "ODBCTrac.dll" on the
Tracing tab of the Data Sources (ODBC) Control Panel
applet. Traced ODBC activity is then logged
to Paul Bunyan instead of disk files. |
Details
PBODBCTrace.dll
PBODBCTrace.zip |
|
Socket Interceptor |
The Socket Interceptor intercepts and logs TCP/IP
socket conversations by acting as a middleman between
the client and server - simulating both client
and server to the real server and real
client. It accomplishes this by simulating
the server (i.e. listening for incoming connection
requests) on the 'Simulation' IP and port and, upon
connection, connecting in turn to the real server
on the 'Actual' IP and port - in effect simulating
the client. It then redirects all data
back and forth between the real client and real
server while logging it. |
Details
PBSocketInterceptor.exe
PBSocketInterceptor.zip
|
|
API Interceptor |
The API Interceptor is a DLL that when loaded into
a process hooks a variety of imported DLL entry
points so that it can intercept and log errors associated
with them. (One use of this functionality
is the redirecting of OutputDebugString() logging
to Paul Bunyan.) New functions are added regularly
and users can easily modify the source code
to add their own whether operating system APIs or
even those of 3rd party libraries. |
Details
PBAPIInterceptor.dll
PBAPIInterceptor.zip
PBAPIInterceptor.h
PBAPIInterceptor.bas |
|
VB Demo Project |
A simple Visual Basic application that demonstrates some of the usage of Paul Bunyan and the Message Logging Capabilities that are available to the developer.
|
PBVDDemo.zip
|
Command Line Logger
PBArgs.exe is a diagnostic tool used to
debug program invocations. Typical uses are in diagnosing
problems with batch files, shell scripts, make (.mak/.mk)
files, tool executions, event handlers, etc. The program
logs out its command line arguments followed by its environment
variables. Back to top
ODBC Trace DLL
PBODBCTrace.dll was created using the ODBC
trace sample included with Microsoft's Platform SDK.
The sample is effectively the source code for the standard
ODBCTrac.dll. As originally coded, the DLL logs all
monitored activity to the file specified on the Tracing
tab of the ODBC Data Source Administrator control panel.
PBODBCTrace.dll leaves the sample code essentially unchanged
with the exception of logging ODBC activity to Paul Bunyan
instead of to disk files.
To use the PBODBCTrace.dll follow these
four simple steps:
-
Copy the .DLL file to the System32 directory.
-
Open the ODBC Data Source Administrator
control panel applet to the "Tracing" tab.
-
Select PBODBCTrace.dll as the "Custom
Trace DLL".
-
Under "When to trace", click the "Start
Tracing Now" button (replaced by Stop Tracing Now in
the illustration).
Any ODBC applications started after PBODBCTrace.dll
has been installed and activated will cause ODBC traffic
to be logged to Paul Bunyan until the "Stop Tracing Now"
button is clicked.
A typical Message Details screen follows:
Open the ODBC Data Source Administrator
control panel, advance to the "Tracing" tab, and click the
"Stop Tracing Now" button to disable logging. Text
Back to top
Socket Interceptor
The Socket Interceptor intercepts and logs
TCP/IP socket conversations by acting as a middleman between
the client and server - simulating both client and
server to the real server and real client.
It accomplishes this by simulating the server (i.e. listening
for incoming connection requests) on the 'Simulation' IP
and port and, upon connection, connecting in turn to the
real server on the 'Actual' IP and port - in effect simulating
the client. It then redirects all data back
and forth between the real client and real server while
logging it.
Note: A useful familiarization exercise
is to configure the Socket Intercepter to intercept the
conversation between an email client and email server and
search for user logon information. Back to top
API Interceptor
Paul Bunyan's API Interceptor is a DLL that
when loaded into a process hooks a variety of imported DLL
entry points so that it can intercept and log errors associated
with them. Once loaded it also hooks API calls associated
with the loading of additional DLLs so that it can hook
them as they are brought in.
The API Interceptor is based entirely on
original work by John Robbins - columnist writer of "Bugslayer"
for (then) MSJ. It was originally created to simply
trap and redirect logging done via the operating system
call OutputDebugString().
The utility was reworked to intercept OutputDebugString()
calls and direct the logging to Paul Bunyan but has also
been extended to intercept a number of other imports as
well. At present, the interceptor is coded to only
log functions in the case where there is an error - as opposed
to 'tracing' function calls in which case it would log all
activity whether in error not.
As the call hooking is done on a fairly
low level it is independent of such things as programming
language and is entirely a matter of simply loading the
DLL into the process space. Accordingly, the API Interceptor
may be used with C++, Visual Basic (whether in compiled
form or running in the IDE) , from within database engines,
web servers, etc. DLL load functions are provided
for C++ and VB.
The source code is written in highly
templated format for the express purpose of streamlining
the addition of intercepted imports and is in essence, quite
trivial. While Diamond Sierra regularly adds new functions,
users are also encouraged to add their own as well whether
operating system APIs or even those of 3rd party libraries.
Any such additions are more than welcome and may be submitted
for inclusion with the downloadable copy by simply emailing
the updated 'Functions.cpp' file to:
support@DiamondSierra.com.
API calls intercepted in latest version:
OutputDebugString
LoadLibrary
LoadLibraryEx
CreateFile
CLSIDFromProgID
CoCreateInstance
CoCreateInstanceEx
Back to top
Contact us
| View site map
|