nikolatesla20
September 30th, 2003, 17:23
I've always wanted to make a tool to find the RVA of a COM procedure, and figured the only way to do it effectively would be to use the type library, so I started researching how to read type libraries, and I happened upon this....
Lo and behold I finally found an article by that genius Matt at Compuware, who's already did it...I've looked for this info a long time ago and never found anything...must be new?
Anyway, here is the source files AND EXE's/ DLL's to do this. Just run the CoClassSyms.exe from the command line, passing in the path to the DLL/OCX you wish to extract from. It will generate a DBG file containing all the CoClass members (functions) which you can then load into IDA (or SoftICE). Wallah! Now you know exactly where the member functions are.
Enjoy
-nt20
Lo and behold I finally found an article by that genius Matt at Compuware, who's already did it...I've looked for this info a long time ago and never found anything...must be new?
Anyway, here is the source files AND EXE's/ DLL's to do this. Just run the CoClassSyms.exe from the command line, passing in the path to the DLL/OCX you wish to extract from. It will generate a DBG file containing all the CoClass members (functions) which you can then load into IDA (or SoftICE). Wallah! Now you know exactly where the member functions are.
Enjoy
-nt20