How to discover app DCOM interface structure

Hi, my problem is:

I have 2 apps using DCOM for remote interaction. Have no source code of this apps (just exe). Task - get to know the structure of server app (dcom interfaces, in/out params...) to write a new server app having the same interfaces.

Have tryed to sniff network pakets by Microsoft NetMonitor, and result is:

NM successfuly parse the traffic on RPC protocol level, but not DCOM payload:

- RPC: c/o Request: unknown Call=0x7 Opnum=0x3 Context=0x1 Hint=0x24
- MSRPCRpcconnRequestHdrT Request:
...
- StubData: 36 bytes
- MSRPCStubData StubData: 0x1
- BLOB MSRPCPayload: Binary Large Object (36 Bytes)

In my situation MSRPCPayload is DCOM. NM has DCOM parser - but unfortunately it's shows payload only as a blob.

Have no idea how to solve whis problem. Is there any other ways to discover structure of dcom interfaces?
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories