I have two applications (.exe) that are running on the same machine (Windows XP x86) and I know are communicating with eachother (I dont know how, I didn't write them). I would like to find a way to sniff the communication between the applications. Is there a way to do this?
I've done some messing with ProMon and i can probably figure it out from there but I'm wondering if there is something a little more specific to this purpose. ProMon can be a bit intimidating.
First, you could watch your two applications with a system call tracer like StraceNT (or see this question). With some luck, you should be able to figure out whether the processes communicate through a local socket, a TCP connection (via localhost undoubtedly), a pipe, a named file, or shared memory.
You can also run netstat while the applications are running to see if they are opening any network ports.
Once you know what you're looking for, you can choose a more specific monitoring tool. If it's network communication (even over a loopback interface), you could try capturing the data with something like WinDump. If the communication is via shared memory, you could attach a debugger to one of the two processes and inspect the shared memory periodically.
