Reversing OLE

Last modified: 2024-02-18

Reverse Engineering

OLE is a mechanism that allows users to create and edit documents containing items or "objects" created by multiple applications.


It dumps the information of the OLE files. example.doc

# -s: stream number to analyze
# -d: dump -s 8 -d example.doc -s 9 -d example.doc

Then decrypt the output using online tools like CyberChef.


Download the Oletools to use it.

olevba example.docm

Copy the above Visual Basic code, and access to OneCompiler.
Select the programming language "Visual Basic".
Paste the copied code to the editor, then click Run.