As you can see in my list of apps I have the Mail app running. If select the mail app and then right click and choose “Open File Location” I find that I am blocked by permissioning.
Ok so that seems right, Microsoft don’t want me looking at all their code so I will have to do a little more to gain access. Of course I know I should have access as I need to run the apps so at the very least I should have read access.
That said we are not even 100% sure that the mail apps and people apps etc run in the container. Therefore its back to our old friend process monitor in order to see what’s going on when we run the apps. After a quick capture I can see that when running the Mail app there is a lot of activity in the process LiveComm.exe.
If I look at the process information for one of these entries I can find the location of where this process is actually running.
Ok that looks promising, taking the location of the exe and popping into explorer I can now browse directly to the folder and see its contents. As expected this looks like the apps execution directory and we can see all the files for each of the common “Live” apps.
Now all you need to do is go browsing through the js files to learn how to develop your apps with the same way Microsoft has or dig our reflector for .net stuff.
You should be able to use this approach for most types of apps. Obviously C++ apps will probably be the most secure when it comes to decompilation. Also note, you cannot change any of files as all assets etc are digitally signed and will be checked when you try and run them in Windows8.