
 eXeL@B —› WorldWide —› CEF - Chromium Embedded Framework - debugging tools and methods!

Rank: 0.2 (guest)
Activity: 0.01=0.01
Status: Member

Posted: 27 October 2019 15:47
#1

This is my first time that I have stumbled on CEF, or Chromium Embedded Framework.
I don't know how to debug it or with what kind of tool to do it.
There is little or no information on how to approach this kind of app, so I decided to make a post here, in case someone can give me information about reversing this kind of app.
The app is 64-bit; it seems to start 3 processes. They carry the app name, but I think they are Chrome processes.
First of all, I'm not sure if Chrome uses some kind of anti-debugging technique to hide from or stop debuggers.
I tried to debug the app with Chrome Dev Tools and it worked.
I launched the app with these parameters: app.exe --remote-debugging-port=9222 --user-data-dir=remote-profile
After the app is started I launch Chrome -> chrome://inspect/#devices
Under Target I see the app, which is listening on localhost port 9999.
If I press inspect I can open all JavaScript files for inspection in Chrome Developer Tools.
So, first of all, I can only see the JavaScript files and I can't edit them. I can edit function returns... and I can see their results, but this only works in debug mode in Chrome Developer Tools.
The biggest problem is that these JavaScript functions pass their arguments to another process, which processes them and passes them back again with the results. I have trouble analyzing which process this is and can't find where these JS functions pass their arguments.

Window Detective finds this process's CLASS as Chrome_WidgetWin_0 -> Chrome_RenderWidgetHostHWND. I think this is the process that manages the JS files, but I can't understand where it passes its arguments...

The easiest way to break this app would be to find a way to edit these JS files, but I'm not sure if it's possible. The other thing is that these files are generated every time the app starts, so they must be patched in memory while the process is starting, or they must be found in the app, or patched after they are extracted... I'm not sure...
The other way is to find the process that communicates with the JS functions, and debug it.
So please, if anyone has some suggestions about tools and methods for debugging... I'm open to trying them.



Rank: 0.2 (guest)
Activity: 0.01=0.01
Status: Member

Posted: 30 October 2019 22:37
#2

As a follow-up to the topic I posted above ...
Although I have no experience with CEF, I continued to look for a solution to the above problems.
First of all, setting these parameters helped a lot: --remote-debugging-port = 9222 --user-data-dir = remote-profile; they revealed the entire structure of the JS files.
As a next step, Process Monitor helped me a lot, showing me how the application communicates with another application, and on which port. These JS files turn to another process and wait for a response from it.
And the real breakthrough came thanks to Fiddler. With this proxy, I captured all the traffic between the two processes.
Fiddler also provided the solution for manipulating function results: the program became a proxy between the two processes, captured the results of the functions, and with Fiddler I made several filters that constantly manipulated the results of the JS functions.
This CEF application was beaten in a very elegant way without the need to patch the exe file. It works flawlessly without noticing that traffic goes through the proxy. I recommend it to anyone who has encountered this CEF framework.
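Both posts hinge on the same two Chromium switches, `--remote-debugging-port` and `--user-data-dir`, which expose the DevTools protocol on a localhost port and redirect the profile. From the other side of the table, a CEF application owner or an analyst reviewing process telemetry would want to notice when a build has been launched that way. The script below is an added example, not code from either poster or from the CEF project: it parses Windows-style command lines (constructed samples, including the spaced `--flag = value` form shown in the second post), reports the debugging-related switches it finds, and can check whether the advertised DevTools port is actually listening on loopback. The sample paths and the helper names are assumptions made for the example.

```python
import shlex
import socket

# Chromium switches that take a value and that matter for this check.
# Only the two switches named in the thread are listed; extend as needed.
VALUE_SWITCHES = {"remote-debugging-port", "user-data-dir"}

# Constructed sample command lines (not taken from any real process).
SAMPLE_CMDLINES = [
    r'"C:\Program Files\ExampleApp\app.exe" --remote-debugging-port=9222 --user-data-dir=remote-profile',
    r'"C:\Program Files\ExampleApp\app.exe" --remote-debugging-port = 9222 --user-data-dir = remote-profile',
    r'"C:\Program Files\ExampleApp\app.exe" --type=renderer --lang=en-US',
]


def parse_switches(cmdline: str) -> dict:
    """Return {switch-name: value} for every --switch on a command line.

    Handles --name=value, --name value, and the lenient --name = value
    form (a lone "=" token between name and value). Non-POSIX splitting is
    used so Windows backslash paths survive intact.
    """
    tokens = shlex.split(cmdline, posix=False)
    switches = {}
    i = 0
    while i < len(tokens):
        tok = tokens[i].strip('"')
        if tok.startswith("--"):
            name, sep, value = tok[2:].partition("=")
            if (not sep or value == "") and name in VALUE_SWITCHES:
                # Value may follow as a separate token, optionally after "=".
                j = i + 1
                if j < len(tokens) and tokens[j] == "=":
                    j += 1
                if j < len(tokens) and not tokens[j].startswith("--"):
                    value = tokens[j].strip('"')
                    i = j
            switches[name] = value
        i += 1
    return switches


def port_is_listening(port: int, host: str = "127.0.0.1", timeout: float = 0.2) -> bool:
    """True if something accepts TCP connections on host:port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def audit_cmdline(cmdline: str, check_port: bool = False) -> list:
    """Return a list of human-readable findings for one command line."""
    sw = parse_switches(cmdline)
    findings = []
    if "remote-debugging-port" in sw:
        port = sw["remote-debugging-port"]
        msg = f"remote DevTools protocol enabled on port {port or '(default)'}"
        if check_port and port.isdigit():
            msg += " (listening)" if port_is_listening(int(port)) else " (not listening)"
        findings.append(msg)
    if "user-data-dir" in sw:
        findings.append(f"non-default profile directory {sw['user-data-dir']!r}")
    return findings


if __name__ == "__main__":
    for line in SAMPLE_CMDLINES:
        print(line)
        for f in audit_cmdline(line) or ["no debugging switches"]:
            print("  -", f)
```

In production the command lines would come from process telemetry (for example a Sysmon process-creation event or a periodic process listing) rather than the constructed list; the parser is deliberately tolerant of spacing because the value of the check is in catching the switch at all, not in matching Chromium's exact grammar.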

