exe) that works almost exactly like AxEnum.exe to
dump their associated typelib information. In fact, if you compare axscan.cpp from the
AxMan package to axenum.cpp, you??™ll see that H.D. ripped most of axscan straight from
AxEnum (and gives credit to Shane in the comments). However, the output from AxEnum
is a more human-readable format, which is the reason for first introducing AxEnum
earlier.
Axman.exe (the enumeration tool) runs from the command line on your test system
where you??™ll be fuzzing. It takes as a single argument the directory where you??™d like to
store the output files. Just as with axenum.exe, running axman.exe will probably take a
couple of hours to complete and will pop up various dialog boxes and whatnot along the
way as new processes spawn. When it finishes running, the directory you passed to the
program will have hundreds of files. Most of them will be named in the form {CLSID}.js
like ???{00000514-0000-0010-8000-00AA006D2EA4}.js???. The other important file in this
directory is named objects.js and lists the clsid of every registeredCOMobject. It looks like
this:
var ax_objects = new Array(
'CLSID',
'{0000002F-0000-0000-C000-000000000046}',
'{00000100-0000-0010-8000-00AA006D2EA4}',
'{00000101-0000-0010-8000-00AA006D2EA4}',
'{00000103-0000-0010-8000-00AA006D2EA4}',
'{00000104-0000-0010-8000-00AA006D2EA4}',
'{00000105-0000-0010-8000-00AA006D2EA4}',
??¦
'{FFCDB781-D71C-4D10-BD5F-0492EAFFD90A}',
'{ffd90217-f7c2-4434-9ee1-6f1b530db20f}',
'{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}',
'{FFF30EA1-AACE-4798-8781-D8CA8F655BCA}'
);
If you get impatient enumerating registeredCOMobjects and kill axman.
Pages:
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684