The other day, Microsoft came out with “Microsoft Pro Photo Tools” which allows you to geocode your photos. It is a pretty cool app, but there are some things that I wonder, like why didn’t they just build this functionality into Windows Live Photo Gallery?
Anyway’s, with any new thing I download and play around with, I started digging into stuff. I looked in the install directory, C:Program FilesMicrosoft Pro Photo Tools and noticed that there are some Interop assemblies and other assemblies, etc. I fired up Reflector and started disassembling the assemblies and exe. Pretty cool stuff, you can see what they are doing. Using xaml forms, etc. The cool stuff is the Location based stuff.
Microsoft has MapPoint web services which you can use/sign up for, but they cost a pretty penny. I have used some of these web services in the past and they have a ton of functionality.
Like I said, digging through the disassembled stuff in Reflector, I saw a method “GetLatitudeLongitude()” which takes in country, state, city, address, zip and returns a lat long object. But, you need a “MapPointWrapper” object to use it.
I fired up Visual Studio 2008, and then referenced the assemblies in the Pro Photo Tools directory so I could use them in code. I created a test WinForms app, and started hacking away.
Looking at the MapPointWrapper class constructor in Reflector, I noticed that it needs a username, password, URL, and timeout, the first three I don’t have – but I bet I could find!!
Here you can see the constructor as it looks in Reflector. The thing I noticed right away is that they have the username and password embedded in the function, although its all “encoded”, then blend the strings together to create default credentials. Their blend method is using some bitwise operators, etc, if you are interested, you can just click on the Blend method and it browses to that (did I mention Reflector is cool??) – anyway’s, I still need a URL…
Reflector lets you click on a class and “analyze” it, which gives you what classed depend on it, which classes use it etc. Just going through the list for MapPointWrapper, I found one that showed how they call the constructor.
That’s the ticket! You can see they are passing in empty strings for user/pass (which then gets converted to the correct user/pass by the constructor) and then the URL is right there!!! nice! We can use this!!
Now, on to using this functionality in our own app!!
Now, this will give you the lat/long back from MapPoint! Sweet. Now we can start digging into everything else – what else do these assemblies expose?? Can I get routes? directions? Maps? etc, etc, etc. There is a plethora of things to dig into. It looks like they are just using Virtual Earth though to get maps, not MapPoint (from what I can tell anyways).
I know there are a ton of other ways to get this info, but this was basically a test to reverse engineer their assemblies and use the functionality. I don’t recommend or condone hacking/reverse engineering assemblies like this for profit, more for fun , in other words – don’t use this in a production app as Microsoft would probably find out and come hunt you down.
This post is also just an example of how .NET code can be disassembled easily and re-used, for good, or evil 🙂
There are some basic things that every developer should do with .NET desktop apps – use Dotfuscator (which just obfuscates your code, making it harder/not feasible to reverse engineer, and also encrypt any strings/values you don’t want anyone else using or reading. That being said, Reflector is a great way to see how other applications are coded, and learn how they work. Happy