Protocols/MSNP/Development: Difference between revisions
Jump to navigation
Jump to search
(Created page with " === Debug Logging === <pre> **Messenger** Messenger for Windows has the ability to create a log file. Here is a reg file [Debug.reg](https://storage.levelleap.com/nina/pro...") |
No edit summary |
||
| Line 34: | Line 34: | ||
https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant | https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant | ||
</pre> | </pre> | ||
=== Tools === | |||
Here is some tools that may be useful: | |||
==== API monitor: ==== | |||
* WinAPIOverride: http://jacquelin.potier.free.fr/winapioverride32/ | |||
* API Monitor: http://www.rohitab.com/apimonitor | |||
* SpyStudio API Monitor: http://www.nektra.com/products/spystudio-api-monitor/ | |||
* API Monitor: http://apimonitor.com/ | |||
* Auto Debug: http://autodebug.com/ | |||
* Tracer: https://yurichev.com/tracer-en.html | |||
* API Spy: http://www.matcode.com/apis32.htm | |||
* oSpy: https://github.com/oleavr/ospy | |||
==== Network monitor: ==== | |||
* WireShark: https://www.wireshark.org/ | |||
* Fiddler: http://www.telerik.com/fiddler | |||
* RawCap: http://www.netresec.com/?page=RawCap | |||
* DNSQuerySniffer: http://www.nirsoft.net/utils/dns_query_sniffer.html | |||
* SocketSniffer: http://www.nirsoft.net/utils/socket_sniffer.htm | |||
* IMSpector: http://www.imspector.org/ | |||
==== Disassembly: ==== | |||
* IDA: https://www.hex-rays.com/products/ida/ | |||
* IDA FindCrypt plugin: https://www.aldeid.com/wiki/IDA-Pro/plugins/FindCrypt2 | |||
==== Strings extraction: ==== | |||
* Strings2: http://split-code.com/strings2.html | |||
==== API hooking: ==== | |||
* Detours: https://www.microsoft.com/en-us/download/details.aspx?id=52586 | |||
* Deviare: http://www.nektra.com/products/deviare-api-hook-windows/ ( http://www.nektra.com/products/deviare-api-hook-windows/deviare-in-process/ ) | |||
* EasyHook: https://easyhook.github.io/ | |||
==== Various: ==== | |||
* MSN Webcam Recorder: http://msnwcrec.arrozcru.org/index.html | |||
* MSN Polygamy: https://storage.levelleap.com/nina/clients/msnp/misc/MSN_Polygamy.exe | |||
Revision as of 05:48, 13 March 2021
Debug Logging
**Messenger**
Messenger for Windows has the ability to create a log file.
Here is a reg file [Debug.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Debug.reg) to enable the logging on (at least) versions < 9.
The log file will be in the `Documents > My Received Files` (the folder name depends on Messenger language).
In Windows Live Messenger, you will find some logs there: `C:\Users\{user}\AppData\Local\Microsoft\Messenger\`
**Microsoft Identity Control**
You can use these 2 reg files to turn on/off logging for microsoft identity control components (msidcrl, ...):
[Enable_Logging.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Enable_Logging.reg)
[Disable_Logging.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Disable_Logging.reg)
The path were the log will be is in the reg file.
If you don't change the path in the reg files, you need to create 2 folders: `C:\MSOTrace` and `C:\MSOTraceLite`
**Sources**
NOTE: Please replace `MSOIdentityCRL` by `IdentityCRL` in registry keys name when needed.
https://messengersupportspace.wordpress.com/2007/08/03/how-to-create-a-messenger-idcrl-log/
https://social.technet.microsoft.com/wiki/contents/articles/18103.microsoft-online-services-sign-in-assistant-how-to-enable-debug-tracing.aspx
https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant
Tools
Here is some tools that may be useful:
API monitor:
- WinAPIOverride: http://jacquelin.potier.free.fr/winapioverride32/
- API Monitor: http://www.rohitab.com/apimonitor
- SpyStudio API Monitor: http://www.nektra.com/products/spystudio-api-monitor/
- API Monitor: http://apimonitor.com/
- Auto Debug: http://autodebug.com/
- Tracer: https://yurichev.com/tracer-en.html
- API Spy: http://www.matcode.com/apis32.htm
- oSpy: https://github.com/oleavr/ospy
Network monitor:
- WireShark: https://www.wireshark.org/
- Fiddler: http://www.telerik.com/fiddler
- RawCap: http://www.netresec.com/?page=RawCap
- DNSQuerySniffer: http://www.nirsoft.net/utils/dns_query_sniffer.html
- SocketSniffer: http://www.nirsoft.net/utils/socket_sniffer.htm
- IMSpector: http://www.imspector.org/
Disassembly:
- IDA: https://www.hex-rays.com/products/ida/
- IDA FindCrypt plugin: https://www.aldeid.com/wiki/IDA-Pro/plugins/FindCrypt2
Strings extraction:
- Strings2: http://split-code.com/strings2.html
API hooking:
- Detours: https://www.microsoft.com/en-us/download/details.aspx?id=52586
- Deviare: http://www.nektra.com/products/deviare-api-hook-windows/ ( http://www.nektra.com/products/deviare-api-hook-windows/deviare-in-process/ )
- EasyHook: https://easyhook.github.io/
Various:
- MSN Webcam Recorder: http://msnwcrec.arrozcru.org/index.html
- MSN Polygamy: https://storage.levelleap.com/nina/clients/msnp/misc/MSN_Polygamy.exe