I have an MFC application that I was given (without source code) which opens a window with an 'Update' button, which then performs a very long update after being clicked.

I'd like to modify the program so that when the window is created (or somewhere else such as DoModal), a message is sent to the program to make it think that the button was pressed.

I've been toying around with this for a while in IDA Pro and OllyDbg to no avail. I looked at possibly using PumpMessage, but this did not bring any success.

Any advice?

+1  A: 

There are a few ways to do it using test automation techniques, but the simplest is to simply get the window handle for the button you want and send it a BM_CLICK message. This assumes that you have a working knowledge of C/C++ on Windows. If not, there are other means using .NET or other technologies. I'm not familiar with ida-pro or ollydbg.

Lee
A: 

Just create a 2nd program that will launch it and will send a mouse click using SendInput(...).

Shay Erlichmen
+2  A: 

If you don't like the idea of using a secondary "macro" program, you could patch the original program's binary to call the button's BM_CLICK handler. If you can find some space for the call (minimum 5 bytes without arguments), you can do this with OllyDbg alone (after editing the code, select it, and select "Copy to executable" -> "Selection" from the right-click menu). Otherwise, you'll need to create a new code section with a PE editor (e.g. LordPE or PE Tools) and add your code there (typically you'll want to change a call in the program to a jump to your section, where you perform the original call plus the call to the button's click handler, then jump back to the old position after your patched jump).

CyberShadow
How/where would I put this patch in?
samoz
If you're not going to create a new section, you could try finding a "code cave", which is practically a small area of memory that's unused by the program. Usually this can be in "dead" code (code that is never actually called by the program, at least not in the cases you're going to use it), or in the space left by the compiler for alignment (typically you don't get more than 15 bytes this way).
CyberShadow
Check out this article: http://www.codeproject.com/KB/cpp/codecave.aspx - it doesn't describe adding a new section (which is middle ground between using code caves and a DLL). If you're okay with adding a DLL to the bundle, though, you could also simply add the DLL to the import table (again, with a PE editor) then patch the relevant code from your DLL using simple pointer operations.
CyberShadow
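
The code-cave search described in the comments above, as an added example (not code from any of the posters): it scans a section's raw bytes for runs of padding long enough to hold a 5-byte near call and computes that call's encoding. The padding byte values, the sample bytes and the base address `0x401000` are constructed assumptions for illustration.

```python
import struct

PADDING = {0x00, 0x90, 0xCC}  # assumed fill bytes: zero, NOP, INT3
CALL_LEN = 5                  # E8 opcode + rel32: the "minimum 5 bytes" for a call


def find_caves(section: bytes, base_va: int, min_len: int = CALL_LEN):
    """Return (virtual_address, length) for each run of one repeated padding byte."""
    caves, i, n = [], 0, len(section)
    while i < n:
        b = section[i]
        if b not in PADDING:
            i += 1
            continue
        j = i
        while j < n and section[j] == b:
            j += 1
        if j - i >= min_len:
            caves.append((base_va + i, j - i))
        i = j
    return caves


def encode_call(src_va: int, target_va: int) -> bytes:
    """Encode a near CALL located at src_va; rel32 counts from the next instruction."""
    rel = target_va - (src_va + CALL_LEN)
    if not -2**31 <= rel < 2**31:
        raise ValueError("target out of rel32 range")
    return b"\xE8" + struct.pack("<i", rel)


# Constructed sample: two tiny functions separated by INT3 alignment padding.
SAMPLE_BASE = 0x401000  # hypothetical virtual address of the section
SAMPLE = (
    bytes.fromhex("558bec33c05dc3")  # push ebp; mov ebp,esp; xor eax,eax; pop ebp; ret
    + b"\xCC" * 9                    # alignment padding: large enough for a call
    + bytes.fromhex("b801000000c3")  # mov eax,1; ret (its zero bytes are an operand)
    + b"\xCC" * 3                    # padding too short for a call
)

if __name__ == "__main__":
    for va, length in find_caves(SAMPLE, SAMPLE_BASE):
        print(f"cave at {va:#x}, {length} bytes")
    print(encode_call(0x401007, 0x401010).hex())
```

A run of zeros can also be live data or part of an instruction operand, as the `mov eax,1` bytes in the sample show, so confirm any candidate in the disassembler before treating it as unused.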
A: 

See the Perl module Win32::GuiTest; it could help you to do this. You can write a Perl script with it and embed it in your program, or you can use the Win32 API that wraps your required needs and use it.

dan