Hi,

I have an activex control and I am trying to figure out how to locate the code that is called by a specific function.

I need to figure out the calculation the OCX is performing but the best I can find at the moment is that it is (From OLEViewer):

[id(0x00002b66), helpstring("Ò¿¯ÄÞ Func11110"]
int Func11110();

How can I find out what code that id (0x00002b66) refers to so I can dig a little deeper?

Many thanks

Hi,

There's a cool plugin for IDA that does this job: http://www.openrce.org/downloads/details/10/Com_Plugin_v1.2

It will automatically rename sub_xxx functions to the corresponding one from the COM type library.

If I remember correctly the plugin was compiled against an old version of IDA and it doesn't work anymore on newer versions. You might need to recompile it using the IDA SDK.

Salut Neitsa!

Many thanks for that - I will look into it.

Much appreciated!

bb

Just as a thought, once he gets it compiled for a modern IDA, is this something that we could add to the CRCETL?

As soon as I succeed in getting it compiled (which for some reason I am having a little problem with atm), if it doesn't break any board rules, I am more than happy to upload it.

Will try and have a better look at it this afternoon.

bb

Any news here?

Also, there are of course already some COM tools in the CRCETL that might be useful:

http://www.woodmann.com/collaborative/tools/Category:COM_Tools

Still haven't managed to get it compiled and working. Getting some odd errors with one of the IDA plugins from the CRCTEL.

Unfortunately some real life issues are preventing me giving this my full attention at this point. Hopefully they will pass without incident and I will be able to get back to it