Editing the File History Info

The previous version of this article showed how Pro/E Wildfire wrote the Audit Trail history in a readily readable and somewhat editable text block inside the files. The sneaky programmers at PTC have subsequently in Creo releases moved the Audit Trail block into the binary sections. This article shows you we can use a binary editor such as xvi to hack a Creo file such that the Audit History can be partially edited.


The File History in Creo for a file looks similar to the image below. Notice how we can see columns for Item Name, Change Description, Detailed 'Info', Comment, User and Date/Time. The goal for this hack is to be able to fiddle with this information which is not editable with the standard UI.

Open up one of your parts in a binary editor and do a Search for 'Hostname'. I've used one of PTC's start models as an example.

See how you can just about make out the names inside quotes for the hostnames. Now because the programmers switched into binary, we can't just delete bytes out of this file. If you do that you'll find the file will be reported as corrupt by Creo and it will not be opened. I spent a little time trying to figure out if the pointers that deliniate the blocks exist but so far it's obvious that I'm just an amateur with a day job and didn't find it. Instead I merely am able to point out that you can overwrite the Audit Trail bytes with your choice.


Now I have a hunch that it wouldn't take much effort to decode the pointer stacks for the binary chunks such that we could properly add or remove characters or even whole lines from the information. I've so far convinced myself that this 'second' hex value in the files 'Table of Contents' is the width of the PDM_trail binary section. It appears that the other sections also repeat this pattern.


I do admit that cracking the code will be a bit more tedious than it was in Pro/E Wildfire. However there are some long winter nights coming up so I'm expecting to have a go then.


What is most interesting though is that much of the information inside the model can still to this day be read as plain text. Things like:

  • Layer Names
  • View Names
  • Feature Names
  • Parameters
  • External References

    It doesn't seem like it wouldn't take much hacking to write a simple script to grab such info straight from the disk files without having to go through the official API's. If you're interested, in the winter of 2014 watch this space. FWIW the File History appears on first inspection to be embeded into the MdlStatus section.



    I beleive it will be possible for unscrupulous students (yes you, who is looking for a way to copy homework) to hack the File History section. If you're a professor on the other hand reading this and you suspect they hacked the file, then let's face it they deserve a special weasel award anway. The way this hack is left today means that it isn't as usefull for cleaning up your start parts audit trail information. And of course PTC will not condone the use of this technique, use it at your own risk.