Good evening all,

First of all, I've been curious about supposedly wrong things in the past. So let me clarify this first:
I am in no way trying to hack some program, have malicious intent, or anything of that nature!!

That being out of the way, the scenario is as follows:
My job requires me to answer a whole lot of questions (working at a service desk). This happens by phone. Now, I have been lucky enough to be entered in a pilot-group to test a program running on my computer that a headset can operate. Long story short, I have this great program, which I can activate with my headset, to answer calls.
This is fantastic, but since we have a rather large userbase, I would LOVE for that program to have a few more specific functions.
In this case, I would be very satisfied if a user called, and the program would pop up my program, and load some basic information about the caller (average call duration, computername, some comments, maybe even allow me to create a "score")

After some research, and some Googling I've found fairly contradicting answers.
Is this at all possible using C# (managed code vs unmanaged code and all that)?
Can it be done if you don't have access to the code? (I don't mind modifying/altering/tricking their software through less official ways, but all I want is for it to display my extra screen)
What are the restrictions of hooking/injecting? (can I run any random code, or something like only objects that are in the program itself? No clue about this, but might be possible?)

And last but certainly not least..
Would there be an easier way to do this? As long as the screen appears when the user calls, and thus activates the program, I'm a happy camper.

Thanks for any information and insights you guys (and/or girls) could offer!

Is this at all possible using C# (managed code vs unmanaged code and all that)?

Yes it's possible using unsafe code in C#.

Can it be done if you don't have access to the code?

Yes, but you'll have to reverse engineer their code to figure out where to insert your detour/trampoline function.

What are the restrictions of hooking/injecting?

Once you've detoured the method, you can do anything you could normally do.

Would there be an easier way to do this?

Contact the company that wrote the software and ask them for the functionality.

What you are proposing to do is not trivial. It will require skill in assembly, reverse engineering, Windows internals, C/C++, C#. You'll probably be violating the license your company signed when they purchased the software. If you install software like this on your work computer without permission you'll most likely be fired.

Have fun :)

Comments
+1 for the "have fun" lol

Thanks for the reply!

Alright, well I don't mind doing the learning or the work. And this is free of any schedule, which helps as well. I might also be able to ask one of their engineers for hints or clues (he comes by about once every month). Though in previous conversations he was not actually knowledgeable about the code from the product (although he wasn't against my ideas).

I do have some (extremely basic) working experience with things like OllyDbg, might that at least provide a way in?
How much of the program would I have to reverse engineer?

The program is actually quite basic and simple, since most of the data is sent from the server to the program. Some of the finer points may be hard though.
Other thing entirely, I just thought of this. If they were to have an API available, would that make it easier, or just as hard?

Any tips, hints, guides, links, or examples would be greatly appreciated!

Until then, I will start looking up things suggested, and see what I can do with them.

Having an API available might make it easier, depending on what they provide.

As for how much you'll have to reverse engineer I can't tell you. You'll have to do enough to figure out where your code injection goes, which could be a small part to the entire program.

If it's a client/server program you might be able to insert yourself between the client and server (man-in-the-middle). This would be easier than the other method. And if you can get some info from the developers on what kind of messages are passed.

Good afternoon,

To know if the API is in fact available, I would have to wait until Monday.

Reverse engineering is possible of course, but would require a great deal of time, effort, and most of all, learning. So for now, let's call that a final resort.

How tough would it be to create a man-in-the-middle program?
Would it be necessary to have it check all of the network traffic (on a specific port of course) and analyze it until it finds the bytes it is looking for (predetermined by something like Wireshark), or would it be possible to have like a special event for that?
Other thought, haven't checked this out, but maybe incorporate something that checks the current status of data transfer of the dialing program? (sort of like netstat -a does)

Insights on this would be greatly appreciated.

I don't mean to interject because I really have no answer to your question, but I did want to throw some things out there to consider:

1. Would it be easier for you to just write your own program that functions in the same way the one you use now does? You said it was simple, if it's really simple just replicate it and add your own features.

2. Be wary (and I mean very wary) of copyright laws. When I was in high school and college I'll admit I had no care for those (I don't think anyone really did), but meh since learning how to write software and getting older I've found that saying "OMG! Why didn't Microsoft add x, y, z feature!! What a ripoff! It wouldn't be that hard" is not actually true :) I know you aren't saying that so don't take it that way, but the point is, 99% of the time reverse engineering, patching or whatever you want to call it is illegal and even if there is an API, it might not provide the functionality you want.

Just some points to ponder :)

No offense taken at all.

Since I don't plan on selling, showing (outside of immediate colleagues), sharing, or distributing any of my changes, at this moment I don't think I need to worry about any of that. I would strongly prefer to use a non-invasive way of adding (or more precisely reacting) with the software. But thanks for the suggestion.

The basic setup of the program is quite easy, however it does handle either the SIP or H.323 signals. Which is something I probably couldn't really do (unless I'd find some good and practical library for that). All the other functions could be done I suppose (though still not really easy).

True, but I would still be careful and do everything in a legal fashion. Piracy and DMCA violations are expensive and it could end up being worse. If I was you, I would call the software manufacturer and suggest your enhancement, or like you did ask for an API, or some form of written permission to do what you want to do.

I've never gotten in trouble for those violations...everything I have is legal and legit, and now that I see the work involved in writing those applications, I appreciate the rules a bit more than the average person I guess. I'm sure you do too.

Anyway, I'll get off my soapbox now :D sorry for stirring the pot...just wanted to offer a few suggestions/alternates.

Yes, but you'll have to reverse engineer their code to figure out where to insert your detour/trampoline function.

Hey that big block of NOOPs looks pretty good...
