how do I see communication exchange in Windows desktop application

Shalini

New member
Joined
Mar 6, 2022
Messages
1
Programming Experience
3-5
Dear Friends ,

I need a help from you all expert , I could not find answer in google and other forum

Question : How do I see the calls request response in case of Windows Application (not web)

Pls read this objective , So you can help me if possibe

I am not a developer , but I need to Debug code for testing , more then manual testing ,sort of white box tester . .
You see in case of Web Application , All I do is Press F12, How if I have to make a fair guess on application internals or how its developed , I can observe the API Calls , in the api call header i can easily see what is the request and what is the response , Similarly if its GraphAPI calls I can also get fair understanding.
Now if I need to learn more , I can simply copy the api call name and search in my Code base to understand more .


Now, I have been move to a new project which is completely Windows desktop Application built using WPF and UWP -> I have no idea on how to debug trace flow logic of Windows application .

Now Debug here I mean not the usual Breakpoint debugging that developer do by running in local host.; But tracing the flow of application .

My need :***
**** I want to be able to do some action in the windows desktop application and then see what is the communication between my action in windows app vs what is being send and what is the response , Some sort of F12 -> seeing API request response.

Can you guys pls help me out how do I do the F12 , reqeust response alternative of web application in case of [microsoft windows application]


I am really struggling with this because I need to trace UI action till the code logics , I tried Fiddler, WireShark -I don't see anything for windows applicaiton ( like I see in case of - Web applicaiton )

Please note : I DO NOT want to run the .net net solution in local host to do this , just like in case of Web app- I can find the api call name from f12 request response and then I can search the api details in Code and trace through , I need to be able to do the same.

Please help .
 
For native applications, the foolproof way is to attach a debugger and trace through the code.

The next best foolproof way is to inject DLLs that replace the DLLs that you are wanting to monitor. If the app is monolith, and the only DLLs it calls are the Windows OS, then that all you'll see with this approach.

For apps compiled to native, you'll need to get a good disassembler, and something that can convert that disassembly to a higher level language if you don't want to slog through assembler instructions.

All of those above involve a lot of expertise and skill.

If you were dealing with a standard Windows program, Spy++ will give you some insight in to that Windows messages sent around as the app updates its UI and interacts with the rest of the OS GUI. Alas you said you wanted to look at WPF and UWP. They still use Windows messages, but only for interacting with the OS GUI. Almost all of their in app UI updates are through internal calls and message passing not visible in Spy++.

Process Explorer and FileMon are free utilities from SysInternals which let you monitor file and registry accesses. It'll give you insight into what file and registry level accesses are being done, but it won't give you any insight into network accesses. For that WireShark and its spin-off will give you that insight.

Most WPF and UWP are compiled into IL byte code. ILDasm that come with the .NET SDKs will let you disassemble the IL into human readable IL instructions. Other tools can disassemble IL and display C# code. Most of these tools are easily blocked by obfuscators, though. And if apps are compiled AOT to native, then that route is blocked. See my first few paragraphs regarding native compiled apps.
 
I vaguely remember, from a long time ago, toying with some program that claimed to trace Windows API calls. It did not work very well and I soon stopped using it. If only Windows had an equivalent of the Unix truss (Linux strace) command...
 
On re-reading post #1, it seems that our OP is really just interested in the web network communications. In that case, Fiddler, Charles, or most other web proxies will be sufficient. And if that is not enough, then WireShark and its brethren would be the way to see what is happening.
 
Back
Top Bottom