Catching a Command Line passed to an exe

Spilled · August 21, 2008, 09:36 PM

Ok so heres the question I have. I have an exe that is having a command line passed to it. What i need to do is find out exactly what it is being passed to it so I can "mimic" it and utilize this in one of my programs, How would i go about doing this?

brew · August 21, 2008, 11:18 PM

Is this for an application launcher or something? To bypass a piss poor attempt at authentication? You could just make a program that well... dumps the command line parameters being passed to it then rename that to the target executable. Or am i not understanding you correctly?

K · August 22, 2008, 02:05 PM

Quote from: Spilled on August 21, 2008, 09:36 PM
Ok so heres the question I have. I have an exe that is having a command line passed to it. What i need to do is find out exactly what it is being passed to it so I can "mimic" it and utilize this in one of my programs, How would i go about doing this?

Replace said program with a new executable.

Code Select


#include <stdio.h>

int main (int argc, char* argv[])
{
    for(int i = 0; i < argc; ++i) {
        printf("argv[%d] = '%s'\n", i, argv[i]);
    }

    return 0;
}

thebigred · May 15, 2009, 05:52 PM

It sounds like you want a wrapper type deal for the exe? Can you use exec and pass in arguments with that?

and doh i realized this was quite an old post....

Yegg · May 15, 2009, 09:38 PM

Quote from: thebigred on May 15, 2009, 05:52 PM
It sounds like you want a wrapper type deal for the exe? Can you use exec and pass in arguments with that?

and doh i realized this was quite an old post....

It seems that there is an executable that was not created by him. Another executable, also not created by him, is sending arguments to the first executable. He just needs to figure out what these arguments are.

Explicit · May 16, 2009, 12:22 AM

Way to bump an old topic, guys....

Yegg · May 16, 2009, 01:28 AM

Quote from: Explicit on May 16, 2009, 12:22 AM
Way to bump an old topic, guys....

I figured since he already bumped it, it wouldn't be as bad

. Not to mention, the activity in the forums still isn't all that great, but I do see a few new members around now.

bulletproof tiger · May 16, 2009, 04:16 AM

Yegg, use your fucking brain. Come on. Were you born yesterday?

brew · May 16, 2009, 08:03 AM

Quote from: Yegg on May 16, 2009, 01:28 AM
I figured since he already bumped it, it wouldn't be as bad . Not to mention, the activity in the forums still isn't all that great, but I do see a few new members around now.

But it is just as bad. Remember how I said that stupid posts are better than no posts? I was dead wrong. It's better to burn out than fade away. Please stop posting ambiguous, no-brainer shit, and preserve the post quality, Yegg!
Not to mention the aforementioned question had been answered by the FIRST post (my own). The OP hasn't responded, meaning he had already solved the problem a long time ago and your posts here are just dead unnecessary.

Yegg · May 16, 2009, 11:50 AM

Brew:How do you know that you answered his question? You made it clear in your post that you were not clear about exactly what he was asking. I guess you're also not aware that people see this site in Google and can often have a problem solved by reading the posts on here. The topic isn't ancient and at least more valid infotmation was tossed in. Way to waste a post.

l)ragon · May 16, 2009, 03:18 PM

K answered it best, just replace the exicutable with your own and print out whats being passed to it.

edit: btw 2008?

Yegg · May 16, 2009, 03:55 PM

Quote from: bulletproof tiger on May 16, 2009, 04:16 AM
Yegg, use your fucking brain. Come on. Were you born yesterday?

Use your fucking brain. If I was born yesterday, how would I have made posts on the forum prior to that day.

brew · May 17, 2009, 07:33 AM

Quote from: Yegg on May 16, 2009, 11:50 AM
Brew:How do you know that you answered his question? You made it clear in your post that you were not clear about exactly what he was asking.

In my first post, I was indeed speculative. Not as to what the possible solution may be (that was made quite clear by the topic), but instead the purpose behind this.

Quote from: Yegg on May 16, 2009, 11:50 AM
I guess you're also not aware that people see this site in Google and can often have a problem solved by reading the posts on here. The topic isn't ancient and at least more valid infotmation was tossed in.

No, I'm perfectly aware of this. I do have confidence in googleers, however. They probably can infer from the first post all the obstensibly apparent information you "added" to the discussion.

Quote from: Yegg on May 16, 2009, 11:50 AM
Way to waste a post.

touché!

Yegg · May 17, 2009, 11:16 AM

I already agree with Dragon that K's post is the best answer.

Grok · June 16, 2009, 10:49 AM

Bump!

Query the process? You may be able to get the Command Line string directly or from the Process Information or environment block. It seems the command line string is available to the process itself, in ungarbled form, so reading it should merely involve the proper API, or locating it in the target process memory.