Documentation for capturing OutputDebugString / Kernel messages

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have written a small .net application to captutre the output from calls to
OutputDebugString. However it does not always work, and in general does not
seem to capture the output when it is written out from within an ASP.Net
application on Windows2000.

I have noticed using DebugView that the strings I can not capture are the
same as are only captured when DebugViews' "capture kernel" setting is
enabled.

Could anyone point me in the direction of any documentation or samples on
how to capture or read all of the outputs that are sent to OutputDebugString,
and what determines whether "capture kernel" mode is required or not ?

The program I have does seem to work most of the time, but what I really
want is some documentation or information on how your supposed to do this.

thanks
Lemony
 
Hi Lemony,

First of all, I would like to confirm my understanding of your issue. From
your description, I understand that you need hook everything that
OutputDebugString writes. If there is any misunderstanding, please feel
free to let me know.

As far as I can see, we have to use an API hook to get what the
OutputDebugString is trying to write. So I suppose you need a system wide
API hook. There is some articles discussing about this on CodeProject with
source code. Here are some of them. Hope this helps.

http://www.codeproject.com/system/hooksys.asp
http://www.codeproject.com/system/Paladin.asp
http://www.codeproject.com/dll/apihijack.asp

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."
 
Kevin

Thanks for the reply,
First of all, I would like to confirm my understanding of your issue. From
your description, I understand that you need hook everything that
OutputDebugString writes
Click to expand...

Yes this is correct.
As far as I can see, we have to use an API hook to get what the
OutputDebugString is trying to write.
Click to expand...

I currently use the DBWIN_BUFFER segment and DBWIN_DATA_READY events which I
thought would be the official way of doing things. However I cant find any
MS documentation about this either. I'll have a look at the hooks documents
you sent me, but do you think this is a preferable approach to the events ?

thanks
Lemony
 
Hi Lemony,

As far as I know, there is no official way of doing this. Hooking is a
reliable way to get all the messages.

Kevin Yu
=======
"This posting is provided "AS IS" with no warranties, and confers no
rights."
 
Back
Top