mIDA Plugin v1.0.10を実際に使ってみた結果がこちら
---------------------------------------------------
mIDA Plugin v1.0.10
Copyright (C) 2006, Tenable Network Security
---------------------------------------------------
Scanning database for MIDL structures ...
Found MIDL structure at address 0x79497438 : 3ba0ffc0-93fc-11d0-a4ec-00a0c9062910 v1.0
Found MIDL structure at address 0x79497FA0 : 98fe2c90-a542-11d0-a4ef-00a0c9062910 v1.0
Opcode : 0x00 , address : 0x794981C6, name : sub_794981C6
Opcode : 0x01 , address : 0x794D27D9, name : sub_794D27D9
Opcode : 0x02 , address : 0x794D146F, name : sub_794D146F
Found MIDL structure at address 0x794999C8 : 338cd001-2244-31f1-aaaa-900038001003 v1.0
Found MIDL structure at address 0x79499C40 : 894de0c0-0d55-11d3-a322-00c04fa321a1 v1.0
Found MIDL structure at address 0x79499D18 : 8c7daf44-b6dc-11d1-9a4c-0020af6e7c57 v1.0
Found MIDL structure at address 0x7949A588 : 12345778-1234-abcd-ef00-0123456789ab v0.0
Found MIDL structure at address 0x7949CF28 : 367abb81-9844-35f1-ad32-98f038001003 v2.0
Found MIDL structure at address 0x7949D3B8 : 82273fdc-e32a-18c3-3f78-827929dc23ea v0.0
Number of MIDL structures found: 8 |
これ、第1パラメータのMIDL_STUB_DESCしか見てないよね・ω・ がーん
どっちかと言うと rpcdump に近い事やってるようだ・ω・
network_security_assessment_second_edition.pdf
Comments