如何判断库是 COM 还是 DCOM?
How to tell if a library is COM or DCOM?
我的任务是尝试重新创建一个 DLL,该 DLL 对原始 DLL 稍作修改,如果另一个程序运行,该 DLL 将被执行。基本上是 DLL 的模拟版本,用于 testing/simulating 更大系统的其他部分。
我正在搜索是否有任何方法可以检查库是 COM 还是 DCOM,但没有找到任何方法。我是aware of the differences,但是给定一个DLL库,我如何判断它是COM库还是DCOM库?
此外,有没有办法用更新的技术替换 COM/DCOM 库,但不更改调用 COM/DCOM 库的部分代码?
哇,你在这里老派了!
如果我没记错的话,任何有效的 COM 对象也可以参与 DCOM。远程过程调用的连接不是在操作系统级别完成的吗?
来自https://msdn.microsoft.com/en-us/library/aa295360(v=vs.60).aspx:
Once COM was adapted to work across a network, then any interface that
was not tied to a local execution model (some interfaces have inherent
reliance on local machine facilities, such as those drawing interfaces
whose methods have handles to device contexts as parameters) would
have the capability of being distributed: An interface consumer would
make a request for a given interface; that interface may be provided
by an instance of an object running (or to be run) on a different
machine. The distribution mechanism inside COM would connect the
consumer to the provider in such a way that method calls made by the
consumer would appear at the provider end, where they would be
executed. Any return values would then be sent back to the consumer.
To all intents and purposes, the act of distribution is transparent to
both the consumer and the provider.
Such a variety of COM does now exist. DCOM (for ‘distributed COM’), is
shipped with versions of Windows NT beginning with version 4.0. Since
late 1996, it has also been available for Windows 95 and its
derivatives. In both cases, DCOM comprises a set of replacement and
additional DLLs, with some utilities, which provide both local and
remote COM capabilities. It is therefore now an inherent part of
Win32-based platforms, and will be made available on other platforms
by other organizations over time.
仅凭可执行代码,您无法判断它是哪个,除非 proxy/stub dll 附带它,您可以假设它是 DCOM。
明显的区别在于事物的注册方式。深入了解注册过程可能容易也可能不那么容易,具体取决于注册的实施方式。如果注册参数是手工粘贴在代码中的,那么您将不得不以更困难的方式对其进行逆向工程。如果注册使用存储在资源中的 .rgs 文件,您可以提取它并查看注册是如何完成的。无论如何,最好的办法是使用 VM 并导出其注册表,然后注册组件,再次导出注册表并查看差异 - 添加了什么。
我的任务是尝试重新创建一个 DLL,该 DLL 对原始 DLL 稍作修改,如果另一个程序运行,该 DLL 将被执行。基本上是 DLL 的模拟版本,用于 testing/simulating 更大系统的其他部分。
我正在搜索是否有任何方法可以检查库是 COM 还是 DCOM,但没有找到任何方法。我是aware of the differences,但是给定一个DLL库,我如何判断它是COM库还是DCOM库?
此外,有没有办法用更新的技术替换 COM/DCOM 库,但不更改调用 COM/DCOM 库的部分代码?
哇,你在这里老派了!
如果我没记错的话,任何有效的 COM 对象也可以参与 DCOM。远程过程调用的连接不是在操作系统级别完成的吗?
来自https://msdn.microsoft.com/en-us/library/aa295360(v=vs.60).aspx:
Once COM was adapted to work across a network, then any interface that was not tied to a local execution model (some interfaces have inherent reliance on local machine facilities, such as those drawing interfaces whose methods have handles to device contexts as parameters) would have the capability of being distributed: An interface consumer would make a request for a given interface; that interface may be provided by an instance of an object running (or to be run) on a different machine. The distribution mechanism inside COM would connect the consumer to the provider in such a way that method calls made by the consumer would appear at the provider end, where they would be executed. Any return values would then be sent back to the consumer. To all intents and purposes, the act of distribution is transparent to both the consumer and the provider.
Such a variety of COM does now exist. DCOM (for ‘distributed COM’), is shipped with versions of Windows NT beginning with version 4.0. Since late 1996, it has also been available for Windows 95 and its derivatives. In both cases, DCOM comprises a set of replacement and additional DLLs, with some utilities, which provide both local and remote COM capabilities. It is therefore now an inherent part of Win32-based platforms, and will be made available on other platforms by other organizations over time.
仅凭可执行代码,您无法判断它是哪个,除非 proxy/stub dll 附带它,您可以假设它是 DCOM。
明显的区别在于事物的注册方式。深入了解注册过程可能容易也可能不那么容易,具体取决于注册的实施方式。如果注册参数是手工粘贴在代码中的,那么您将不得不以更困难的方式对其进行逆向工程。如果注册使用存储在资源中的 .rgs 文件,您可以提取它并查看注册是如何完成的。无论如何,最好的办法是使用 VM 并导出其注册表,然后注册组件,再次导出注册表并查看差异 - 添加了什么。