Descover IPC interface for undocumented program?

Question

I have a program without documentation. I am wondering if there is a way to discover if it has any interface for interprocess communication. Are there any tools that search through an executable to discover such interfaces? I am interested in learning anything about such a program, like if it supports any command line options or arguments, or whatever else may be discoverable.

I primarily use Linux, and some of the programs I would like to interface with are Windows programs running via wine. I program in C and C++, and some Python.

A related question; is there a way to programmatically simulate clicking a button in some other window on the computer screen?

Answer 1

Discovery of IPC interface / IPC mechanisms for undocumented program can involve gathering of lot of information by various means, putting it together and mapping the information.

The ipcs command can be used to get the information about all ipc objects. It shall provide information about currently active message queues, shared memory segments and semaphores. This is available as part of util-linux .

Another option is to look for shm folder in /proc/ to view the list of currently active shared memory that are in use before and after running your program.

FIFO are special files that are created using mkfifo which you can determine from file type p in ls-l output. Also, you can use the -p option to test whether a file is a pipe.

/proc/<pid>/fd can help to gather more info. The lsof is a very handy tool that can give you the list of open files and the processes that opened them. It can list the PID, PGID, PPID, owner of process, the command that is being executed by the process and the files that are in use by the process.

fuser can provide your the list of PIDs that use the specific files or file systems.

top/htop gives you the list of processes that run in your system. This can give wide range of information ranging from priority of the processes in the form of NI to memory usage via REM or MEM .

iotop can provide a table of current I/O usage by processes or threads on the system by monitoring the I/O usage information output by the kernel.

mpstat can give 'the percentage of time that the CPU or CPUs were idle during which the system had an outstanding disk I/O request' via 'iowait' argument.

strace shall intercept/record system calls that are called by a process and also the signals that are received by a process. Strace will be able to show the order of events and all the return/resumption paths of calls.

LTTng is a combination of kprobes, tracepoint and perf functionalities that can help in tracing of interrupts and race conditions.

Answer 2

Some Windows Programs use DCOM for interprocess-communication. There are some few programs to extract this interface from DLL- and EXE-Files. Otherwise you have to disassemble the program, and look at the code directly, which is non-trival. For your last question: Windows programs use a message system to communicate with the GUI. You can use sendmessage to simulate any message, such as clicking a button.