Exetools  

Go Back   Exetools > General > General Discussion

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 06-25-2005, 22:50
bgrimm bgrimm is offline
Friend
 
Join Date: Jan 2004
Location: South of The North Pole
Posts: 66
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 3 Times in 3 Posts
bgrimm Reputation: 0
Delphi App network activity

I have an app written in Delphi, every time it runs, trys to execute a UDP broadcast to a system outside the local network on a suspicious port.

The program was written for looking up parts in a local database, and is distributed free to businesses whom purchase from that distributor.
It was just after it triggered activity thru my firewall that I took an interest in what this app may be doing.

The app doesn't have any fancy tricks, (example: expiration was keyed to file date/time, admin password dialog text was hardcoded, etc...)

I'm wondering what functions the delphi app could use to communicate out, so as to breakpoint on them and trace what this app might be up to?

The import section looks pretty standard and I did not see what functions may be used for network communication.
Code:
kernel32.dll     user32.dll	
advapi32.dll     oleaut32.dll	
version.dll      gdi32.dll
ole32.dll        comctl32.dll
winspool.drv     shell32.dll
comdlg32.dll     ACE32.DLL
(ACE32 is for database access)
I expected to find wininet.dll imported, or maybe it using some function in Shell32.dll.
There are no other DLL's, or executables used by this app.

Referenced text strings had nothing of interest as the address it talks to is hardcoded. (224.0.1.55 on Port 2989)

Nothing in the registry regarding that address or port.

Googling got me some technical info, example code, etc, but nothing short and to the point of explanation on UDP broadcast communication in delphi.

-bg
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Network Monitor by M$ wps8848 x64 OS 7 08-17-2014 17:05


All times are GMT +8. The time now is 06:42.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2021 )