Hi guys,
Rather a peripheral question; apologies for that - but I'd imagine there are experts here that may be able to help.
I have a black-box problem - a Windows app dealing with confidential data that I can't easily touch (and thus can't get to run under Wine) - which does some small but critical automation of MS Office - using VBS / COM scripting.
I'd -really- love some input on how best to trace that series of COM method calls on Windows itself ie. the (remote) service activation, and the RPC beyond that - particularly the method names, parameters etc. of the COM/OLE Office API. I've tried (so far):
http://www.rohitab.com/apimonitor which, while closed, looks interesting; but traces a lot in a hard-to-search way and doesn't appear to do the trick.
https://support.microsoft.com/en-us/help/926098/how-to-enable-com-and-com-di... Sounds useful: using Event Tracing for Windows (ETW) but has this rather unhelpful property: "The binary file must be formatted by Microsoft so that it can be analyzed. Please forward the .etl files to your support contact. ..." ;-)
Component models used to be all the rage in my youth ;-) surely someone solved the "strace for COM calls" problem elegantly some-when !
Crazily - might it be possible to instrument, interpose and use Wine's COM impl. on Windows [ which sounds a bit 'exciting' ;-], or ?
Anyhow - help much appreciated & sorry for the noise !
Regards,
Michael.