I've ran into an issue when trying to dissect the CLSID for Outlook. I am able to pull data about the exports using Powershell, but I am unable to replicate the same data with OleView and the original OLE Object Viewer.
In order to capture the data in Powershell, I follow the same outline defined by Mandiant here
You can see in the image below that the Methods are exposed and can see the functions provided by the COM Object:
However, trying to replicate this in OleView, I am unable to get similar datasets.
And I get a different error when trying to use the legacy OleViewer:
Few notes:
I have Windows 10 SDK and I'm using the dbghelp.dll from that install. Here is a snapshot of my settings:
Is this an issue of Ole Viewer(s) not being able to parse the COM Object itself? Or is it something where we have to go deeper because of how the COM object is being instantiated?
I've ran into an issue when trying to dissect the CLSID for Outlook. I am able to pull data about the exports using Powershell, but I am unable to replicate the same data with OleView and the original OLE Object Viewer.
In order to capture the data in Powershell, I follow the same outline defined by Mandiant here
Specifically:
You can see in the image below that the Methods are exposed and can see the functions provided by the COM Object:
However, trying to replicate this in OleView, I am unable to get similar datasets.
And I get a different error when trying to use the legacy OleViewer:
Few notes:
I have Windows 10 SDK and I'm using the dbghelp.dll from that install. Here is a snapshot of my settings:
Is this an issue of Ole Viewer(s) not being able to parse the COM Object itself? Or is it something where we have to go deeper because of how the COM object is being instantiated?