OleViewDotNet.psm1

# This file is part of OleViewDotNet.
# Copyright (C) James Forshaw 2018
#
# OleViewDotNet is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# OleViewDotNet is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OleViewDotNet. If not, see <http://www.gnu.org/licenses/>.

Set-StrictMode -Version Latest

$Script:CurrentComDatabase = $null
[OleViewDotNetPS.Wrappers.COMWrapperFactory]::EnableScripting()

function New-CallbackProgress {
    Param(
        [parameter(Mandatory)]
        [string]$Activity,
        [switch]$NoProgress
    )

    if ($NoProgress) {
        $callback = {}
    } else {
        $callback = { Write-Progress -Activity $args[0] -Status "Processing $($args[1])" -PercentComplete $args[2] }
    }

    [OleViewDotNetPS.Utils.CallbackProgress]::new($Activity, [Action[string, string, int]]$callback)
}

function Resolve-LocalPath {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [string]$Path
    )
    $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($Path)
}

function Wrap-ComObject {
    [CmdletBinding(DefaultParameterSetName = "FromType")]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [object]$Object,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromIid")]
        [Guid]$Iid,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromType")]
        [Type]$Type,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromInterface")]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromInterfaceInstance")]
        [OleViewDotNet.Database.COMInterfaceInstance]$InterfaceInstance,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromIpid")]
        [OleViewDotNet.Processes.COMIPIDEntry]$Ipid,
        [switch]$NoWrapper,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    if ($NoWrapper) {
        return $Object
    }

    $db = Get-CurrentComDatabase $Database
    if ($null -eq $db) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    switch($PSCmdlet.ParameterSetName) {
        "FromIid" {
            [OleViewDotNet.TypeManager.COMTypeManager]::Wrap($Object, $Iid, $db)
        }
        "FromType" {
            [OleViewDotNet.TypeManager.COMTypeManager]::Wrap($Object, $Type, $db)
        }
        "FromInterface" {
            [OleViewDotNet.TypeManager.COMTypeManager]::Wrap($Object, $Interface)
        }
        "FromInterfaceInstance" {
            [OleViewDotNet.TypeManager.COMTypeManager]::Wrap($Object, $InterfaceInstance)
        }
        "FromIpid" {
            [OleViewDotNet.TypeManager.COMTypeManager]::Wrap($Object, $Ipid)
        }
    }
}

function Unwrap-ComObject {
    [CmdletBinding(DefaultParameterSetName = "FromType")]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [object]$Object
    )

    [OleViewDotNet.TypeManager.COMTypeManager]::Unwrap($Object)
}

<#
.SYNOPSIS
Wrap a COM object inside a callable wrapper.
.DESCRIPTION
This cmdlet generates a callable wrapper for a COM interface and wraps the object.
.PARAMETER Object
The object to wrap.
.PARAMETER Iid
The interface ID to base the wrapper on.
.PARAMETER Database
Specify to indicate the database to get interface information from.
.PARAMETER Type
The existing interface type to wrap with.
.PARAMETER Interface
A COM interface from a database. If no existing interface exists for this class it'll try and build one from its proxy.
#>

function Get-ComObjectInterface {
    [CmdletBinding(DefaultParameterSetName = "FromType")]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [object[]]$Object,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromIid")]
        [Guid]$Iid,
        [Parameter(ParameterSetName = "FromIid")]
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromType")]
        [Type]$Type,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromInterface")]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface,
        [Parameter(Mandatory, Position = 1, ParameterSetName = "FromInterfaceInstance")]
        [OleViewDotNet.Database.COMInterfaceInstance]$InterfaceInstance
    )

    PROCESS {
        foreach($o in $Object) {
            $o = Unwrap-ComObject $o
            switch($PSCmdlet.ParameterSetName) {
                "FromIid" {
                    Wrap-ComObject -Object $o -Iid $Iid -Database $Database | Write-Output
                }
                "FromType" {
                    Wrap-ComObject -Object $o -Type $Type | Write-Output
                }
                "FromInterface" {
                    Wrap-ComObject -Object $o -Interface $Interface | Write-Output
                }
                "FromInterfaceInstance" {
                    Wrap-ComObject -Object $o -InterfaceInstance $InterfaceInstance | Write-Output
                }
            }
        }
    }
}

<#
.SYNOPSIS
Adds interface types from an assembly.
.DESCRIPTION
This cmdlet adds interface types from an assembly.
.PARAMETER Assembly
The assembly to load the types from.
.PARAMETER Path
The path to the assembly to load.
.PARAMETER AutoLoad
Copy the assembly to the cache and automatically load it next time.
#>

function Add-ComObjectInterface {
    [CmdletBinding(DefaultParameterSetName="FromPath")]
    Param(
        [Parameter(Mandatory, Position = 0, ParameterSetName="FromPath")]
        [string]$Path,
        [Parameter(Mandatory, Position = 0, ValueFromPipeline, ParameterSetName="FromAssembly")]
        [System.Reflection.Assembly]$Assembly,
        [switch]$AutoLoad
    )

    PROCESS {
        try {
            if ($PSCmdlet -eq "FromAssembly") {
                [OleViewDotNet.TypeManager.COMTypeManager]::LoadTypesFromAssembly($Assembly, $AutoLoad)
            } else {
                [OleViewDotNet.TypeManager.COMTypeManager]::LoadTypesFromAssembly($Path, $AutoLoad)
            }
        } catch {
            Write-Error $_
        }
    }
}

<#
.SYNOPSIS
Gets the current COM database.
.DESCRIPTION
This cmdlet gets the current COM database.
.PARAMETER Database
This function returns $Database if it's not $null, otherwise returns the current database.
#>

function Get-CurrentComDatabase {
    Param(
        [parameter(Position=0)]
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    if ($null -ne $Database) {
        $Database
    } else {
        if ($null -eq $Script:CurrentComDatabase) {
            Get-ComDatabase -Default
        }
        $Script:CurrentComDatabase
    }
}

<#
.SYNOPSIS
Sets the current COM database.
.DESCRIPTION
This cmdlet sets the current COM database. It allows you to load a COM database and not need to pass it as a parameter.
.PARAMETER Database
The database to set as the current database. You can specify $null to remove the current.
#>

function Set-CurrentComDatabase {
    Param(
        [parameter(Mandatory, Position=0)]
        [AllowNull()]
        [OleViewDotNet.Database.COMRegistry]$Database
    )
    $Script:CurrentComDatabase = $Database
}

<#
.SYNOPSIS
Get a COM database from the registry or a file.
.DESCRIPTION
This cmdlet loads a COM registration information database from the current registry or a file and returns an object which can be inspected or passed to other methods. The
database will be set as the current global data unless -PassThru is specified.
.PARAMETER LoadMode
Specify what to load from the registry.
.PARAMETER User
Specify a user to load when loading user-specific COM registration information.
.PARAMETER Path
Specify a path to load a saved COM database.
.PARAMETER NoProgress
Don't show progress for load.
.PARAMETER PassThru
Specify to return the loaded database.
.PARAMETER Default
Specify to load the default database, this is from a static file or from the registry.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMRegistry
.EXAMPLE
Get-ComDatabase
Load merged COM database from the registry.
.EXAMPLE
Get-ComDatabase -LoadMode UserOnly
Load a user-only database for the current user.
.EXAMPLE
Get-ComDatabase -User S-1-5-X-Y-Z
Load a merged COM database including user-only information from the user SID.
.EXAMPLE
$db = Get-ComDatabase -PassThru
Load a merged COM database from the registry and return it as an object.
.EXAMPLE
Get-ComDatabase -Default
Load the default database.
#>

function Get-ComDatabase {
    [CmdletBinding(DefaultParameterSetName = "FromRegistry")]
    Param(
        [Parameter(ParameterSetName = "FromRegistry")]
        [OleViewDotNet.Database.COMRegistryMode]$LoadMode = "Merged",
        [Parameter(ParameterSetName = "FromRegistry")]
        [OleViewDotNet.Security.COMSid]$User,
        [Parameter(ParameterSetName = "FromRegistry")]
        [string]$IidNameCachePath,
        [Parameter(Mandatory, ParameterSetName = "FromFile", Position = 0)]
        [string]$Path,
        [Parameter(Mandatory, ParameterSetName = "FromDefault")]
        [switch]$Default,
        [switch]$NoProgress,
        [switch]$PassThru
    )

    try {
        $callback = New-CallbackProgress -Activity "Loading COM Registry" -NoProgress:$NoProgress
        $comdb = switch($PSCmdlet.ParameterSetName) {
            "FromRegistry" {
                if ("" -ne $IidNameCachePath) {
                    $IidNameCachePath = Resolve-Path $IidNameCachePath
                }
                [OleViewDotNet.Database.COMRegistry]::Load($LoadMode, $User, $callback, $IidNameCachePath)
            }
            "FromFile" {
                $Path = Resolve-Path $Path
                [OleViewDotNet.Database.COMRegistry]::Load($Path, $callback)
            }
            "FromDefault" {
                $Path = [OleViewDotNet.ProgramSettings]::GetDefaultDatabasePath($false)
                if (Test-Path $Path) {
                    [OleViewDotNet.Database.COMRegistry]::Load($Path, $callback)
                } else {
                    $result = $Host.UI.PromptForChoice("Load COM Database?", `
                        "No default database available, do you want to load from the registry?", @("&Yes", "&No"), 0)
                    if ($result -eq 0) {
                        [OleViewDotNet.Database.COMRegistry]::Load($LoadMode, $null, $callback)
                    } else {
                        return
                    }
                }
            }
        }

        if ($PassThru) {
            Write-Output $comdb
        } else {
            Set-CurrentComDatabase $comdb
        }
    } catch {
        Write-Error $_
    }
}

<#
.SYNOPSIS
Save a COM database to a file.
.DESCRIPTION
This cmdlet saves a COM registration database to a file.
.PARAMETER Path
The path to save the database to.
.PARAMETER Database
The database to save.
.PARAMETER NoProgress
Don't show progress for save.
.PARAMETER Default
Save to the default database location.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Set-ComDatabase -Path output.db
Save the current database to the file output.db
.EXAMPLE
Set-ComDatabase -Path output.db -Database $comdb
Save a specific database to the file output.db
#>

function Set-ComDatabase {
    [CmdletBinding(DefaultParameterSetName="ToPath")]
    Param(
        [Parameter(Mandatory,Position=0, ParameterSetName="ToPath")]
        [string]$Path,
        [Parameter(Mandatory,Position=0, ParameterSetName="ToDefault")]
        [switch]$Default,
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$NoProgress
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    if ($Default -and $Database.LoadingMode -ne "Merged") {
        Write-Error "Can't save a non-merged database as the default."
        return
    }

    try {
        $callback = New-CallbackProgress -Activity "Saving COM Registry" -NoProgress:$NoProgress
        if ($PSCmdlet.ParameterSetName -eq "ToPath") {
            $Path = Resolve-LocalPath $Path
        } else {
            $Path = [OleViewDotNet.ProgramSettings]::GetDefaultDatabasePath($true)
        }
        $Database.Save($Path, $callback)
    } catch {
        Write-Error $_
    }
}

<#
.SYNOPSIS
Delete the default COM database file.
.DESCRIPTION
This cmdlet removes the default COM database file.
.INPUTS
None
.OUTPUTS
None
#>

function Clear-ComDatabase {
    try {
        $Path = [OleViewDotNet.ProgramSettings]::GetDefaultDatabasePath($false)
        Remove-Item $Path
    } catch {
        Write-Error $_
    }
}

<#
.SYNOPSIS
Compares two COM databases and returns the difference.
.DESCRIPTION
The cmdlet compares two COM database, generates the difference and returns a new database with only the differences.
.PARAMETER Left
The database to the left of the comparison.
.PARAMETER Right
The database to the right of the comparison.
.PARAMETER DiffMode
Specify which database information to preserve in the diff, choice between left (default) or right.
.PARAMETER NoProgress
Don't show progress for compare.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMRegistry
.EXAMPLE
Compare-ComRegistry -Left $comdb1 -Right $comdb2
Compare two databases, returning the differences in the left database.
.EXAMPLE
Compare-ComRegistry -Left $comdb1 -Right $comdb2 -DiffMode RightOnly
Compare two databases, returning the differences in the right database.
#>

function Compare-ComDatabase {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [OleViewDotNet.Database.COMRegistry]$Left,
        [Parameter(Mandatory, Position = 1)]
        [OleViewDotNet.Database.COMRegistry]$Right,
        [OleViewDotNet.Database.COMRegistryDiffMode]$DiffMode = "LeftOnly",
        [switch]$NoProgress
    )
    $callback = New-CallbackProgress -Activity "Comparing COM Registries" -NoProgress:$NoProgress
    [OleViewDotNet.Database.COMRegistry]::Diff($Left, $Right, $DiffMode, $callback)
}

function Where-HasComServer {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [OleViewDotNet.Database.COMCLSIDEntry]$ClassEntry,
        [string]$ServerName,
        [OleViewDotNet.Database.COMServerType]$ServerType
    )

    PROCESS {
        $write_to_output = $false
        if ($ServerType -eq "UnknownServer") {
            foreach($server in $ClassEntry.Servers.Values) {
                if ($server.Server -match $ServerName) {
                    $write_to_output = $true
                    break
                }
            }
        } else {
            $write_to_output = $ClassEntry.Servers.ContainsKey($ServerType) -and $ClassEntry.Servers[$ServerType].Server -match $ServerName
        }

        if ($write_to_output) {
            Write-Output $ClassEntry
        }
    }
}

<#
.SYNOPSIS
Get COM classes from a database.
.DESCRIPTION
This cmdlet gets COM classes from the database based on a set of criteria. The default is to return all registered classes.
.PARAMETER Database
The database to use.
.PARAMETER Clsid
Specify a CLSID to lookup.
.PARAMETER AllowNoReg
Allows the class entry to be returned even if not registered.
.PARAMETER Name
Specify a name which equals the class name.
.PARAMETER ServerName
Specify a server name to match against.
.PARAMETER ServerType
Specify a type of server to match against. If specified as UnknownServer will search all servers.
.PARAMETER InteractiveUser
Specify that the COM classes should be configured to run as the Interactive User.
.PARAMETER ProgId
Specify looking up the COM class from a ProgID.
.PARAMETER Iid
Specify looking up a COM class based on it's proxy IID.
.PARAMETER Object
Specify looking up the COM class based on an object instance. Needs to support an IPersist inteface to extract the CLSID.
.PARAMETER CatId
Specify looking up the COM classes based on a category ID.
.PARAMETER CatName
Specify looking up the COM classes based on a category name.
.PARAMETER Source
Specify looking up the COM classes based on a source type.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMCLSIDEntry
.EXAMPLE
Get-ComClass
Get all COM classes from the current databae.
.EXAMPLE
Get-ComClass -Database $comdb
Get all COM classes from a database.
.EXAMPLE
Get-ComClass -Clsid "ffe1df5f-9f06-46d3-af27-f1fc10d63892"
Get a COM class with a specified CLSID.
.EXAMPLE
Get-ComClass -PartialClsid "ffe1df5f"
Get COM classes with a partial CLSID.
.EXAMPLE
Get-ComClass -Name "TestClass"
Get COM classes which where the name is TestClass.
.EXAMPLE
Get-ComClass -ServerName "obj.ocx"
Get COM classes which are implemented in a server containing the string "obj.ocx"
.EXAMPLE
Get-ComClass -ServerType InProcServer32
Get COM classes which are registered with an in-process server.
.EXAMPLE
Get-ComClass -Iid "00000001-0000-0000-C000-000000000046"
Get COM class registered as an interface proxy for a specific IID.
.EXAMPLE
Get-ComClass -ProgId htafile
Get COM class from a Prog ID.
.EXAMPLE
Get-ComClass -InteractiveUser
Get COM classes registered to run as the interactive user.
.EXAMPLE
Get-ComClass -Service
Get COM classes registered to run inside a service.
.EXAMPLE
Get-ComClass -ServiceName "ExampleService"
Get COM classes registered to run inside a service with a specific name.
.EXAMPLE
Get-ComClass -Object $obj
Get COM class based on an object instance.
.EXAMPLE
Get-ComClass -CatId "62c8fe65-4ebb-45e7-b440-6e39b2cdbf29"
Get COM classes in a category with ID 62c8fe65-4ebb-45e7-b440-6e39b2cdbf29.
.EXAMPLE
Get-ComClass -CatName ".NET Category"
Get COM classes in the .NET category.
.EXAMPLE
Get-ComClass -Source Packaged
Get COM classes which came from packaged COM source.
#>

function Get-ComClass {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromClsid")]
        [Guid]$Clsid,
        [Parameter(Mandatory, ParameterSetName = "FromPartialClsid")]
        [string]$PartialClsid,
        [Parameter(ParameterSetName = "FromClsid")]
        [switch]$AllowNoReg,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(ParameterSetName = "FromServer")]
        [string]$ServerName = "",
        [Parameter(ParameterSetName = "FromServer")]
        [OleViewDotNet.Database.COMServerType]$ServerType = "UnknownServer",
        [Parameter(Mandatory, ParameterSetName = "FromIid")]
        [Guid]$Iid,
        [Parameter(Mandatory, ParameterSetName = "FromProgId")]
        [string]$ProgId,
        [Parameter(Mandatory, ParameterSetName = "FromIU")]
        [switch]$InteractiveUser,
        [Parameter(Mandatory, ParameterSetName = "FromService")]
        [switch]$Service,
        [Parameter(Mandatory, ParameterSetName = "FromServiceName")]
        [string]$ServiceName,
        [Parameter(Mandatory, ParameterSetName = "FromObject")]
        [object]$Object,
        [Parameter(Mandatory, ParameterSetName = "FromCatId")]
        [Guid]$CatId,
        [Parameter(Mandatory, ParameterSetName = "FromCatName")]
        [string]$CatName,
        [Parameter(Mandatory, ParameterSetName = "FromSource")]
        [OleViewDotNet.Database.COMRegistryEntrySource]$Source,
        [Parameter(Mandatory, ParameterSetName = "FromTrustedMarshaller")]
        [switch]$TrustedMarshaller,
        [Parameter(Mandatory, ParameterSetName = "FromProxy")]
        [switch]$Proxy
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set."
        return
    }

    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.Clsids.Values
        }
        "FromClsid" {
            if ($AllowNoReg) {
                $Database.MapClsidToEntry($Clsid) | Write-Output
            } else {
                Write-Output $Database.Clsids[$Clsid]
            }
        }
        "FromPartialClsid" {
            Get-ComClass -Database $Database | Where-Object Clsid -Match $PartialClsid | Write-Output
        }
        "FromName" {
            Get-ComClass -Database $Database | Where-Object Name -eq $Name | Write-Output
        }
        "FromServer" {
            Get-ComClass -Database $Database | Where-HasComServer -ServerName $ServerName -ServerType $ServerType | Write-Output
        }
        "FromIid" {
            Write-Output $Database.MapIidToInterface($Iid).ProxyClassEntry
        }
        "FromProgId" {
            Write-Output $Database.MapProgIdToClsid($ProgId)
        }
        "FromIU" {
            Get-ComClass -Database $Database | Where-Object IsInteractiveUser | Write-Output
        }
        "FromService" {
            Get-ComClass -Database $Database | Where-Object { $_.HasAppID -and $_.AppIDEntry.IsService } | Write-Output
        }
        "FromServiceName" {
            Get-ComClass -Database $Database -Service | Where-Object { $_.AppIDEntry.ServiceName -eq $ServiceName } | Write-Output
        }
        "FromObject" {
            $Object = Unwrap-ComObject $Object
            $Clsid = [OleViewDotNet.Utilities.COMUtilities]::GetObjectClass($Object)
            if ($Clsid -ne [Guid]::Empty) {
                Get-ComClass -Database $Database -Clsid $Clsid | Write-Output
            }
        }
        "FromCatId" {
            Get-ComCategory -CatId $CatId | Select-Object -ExpandProperty ClassEntries | Write-Output
        }
        "FromCatName" {
            Get-ComCategory -Name $CatName | Select-Object -ExpandProperty ClassEntries | Write-Output
        }
        "FromSource" {
            Get-ComClass -Database $Database | Where-Object Source -eq $Source | Write-Output
        }
        "FromTrustedMarshaller" {
            Get-ComClass -Database $Database | Where-Object TrustedMarshaller
        }
        "FromProxy" {
            Get-ComClass -Database $Database | Where-Object Proxy
        }
    }
}

<#
.SYNOPSIS
Get COM process information.
.DESCRIPTION
This cmdlet opens a specified set of processes and extracts the COM information from them. For this to work you need symbol support.
.PARAMETER Database
The database to use to lookup information.
.PARAMETER Process
Specify a list of process objects to parse. You can get these from Get-Process cmdlet.
.PARAMETER ParseStubMethods
Specify to parse the method parameter information on a process stub.
.PARAMETER ResolveMethodNames
Specify to try and resolve method names for interfaces.
.PARAMETER ParseRegisteredClasses
Specify to parse classes registered by the process.
.PARAMETER ParseClients
Specify to parse client proxy information from the process.
.PARAMETER ParseActivationContext
Specify to parse process activation context.
.PARAMETER NoProgress
Don't show progress for process parsing.
.PARAMETER ServiceName
Specify names of services to parse.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Processes.COMProcessEntry
.EXAMPLE
Get-ComProcess
Get all COM processes using the current database.
.EXAMPLE
Get-ComProcess -Database $comdb
Get all COM processes.
.EXAMPLE
Get-Process notepad | Get-ComProcess
Get COM process from a list of processes.
#>

function Get-ComProcess {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$ParseStubMethods,
        [switch]$ResolveMethodNames,
        [switch]$ParseRegisteredClasses,
        [switch]$ParseClients,
        [switch]$ParseActivationContext,
        [parameter(Mandatory, ValueFromPipeline, ParameterSetName = "FromProcessId")]
        [alias("pid")]
        [int[]]$ProcessId,
        [parameter(Mandatory, ValueFromPipeline, ParameterSetName = "FromProcess")]
        [System.Diagnostics.Process[]]$Process,
        [parameter(Mandatory, ValueFromPipeline, ParameterSetName = "FromObjRef")]
        [OleViewDotNet.Marshaling.COMObjRef[]]$ObjRef,
        [parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [parameter(Mandatory, ParameterSetName = "FromServiceName")]
        [string[]]$ServiceName,
        [switch]$NoProgress
    )

    BEGIN {
        $procs = @()
        $objrefs = @()
    }

    PROCESS {
        switch($PSCmdlet.ParameterSetName) {
            "All" {
                $procs = Get-Process
            }
            "FromProcessId" {
                $procs = Get-Process -Id $ProcessId
            }
            "FromProcess" {
                $procs += $Process
            }
            "FromObjRef" {
                $objrefs += $ObjRef
            }
            "FromName" {
                $procs = Get-Process -Name $Name
            }
        }
    }

    END {
        $Database = Get-CurrentComDatabase $Database
        if ($null -eq $Database) {
            Write-Error "No database specified and current database isn't set"
            return
        }
        $callback = New-CallbackProgress -Activity "Parsing COM Processes" -NoProgress:$NoProgress
        $config = [OleViewDotNet.Processes.COMProcessParserConfig]::new()
        $config.ParseStubMethods = $ParseStubMethods
        $config.ResolveMethodNames = $ResolveMethodNames
        $config.ParseRegisteredClasses = $ParseRegisteredClasses
        $config.ParseClients = $ParseClients
        $config.ParseActivationContext = $ParseActivationContext

        switch($PSCmdlet.ParameterSetName) {
            "FromObjRef" {
                [OleViewDotNet.Processes.COMProcessParser]::GetProcesses([OleViewDotNet.Marshaling.COMObjRef[]]$objrefs, $config, $callback, $Database) | Write-Output
            }
            "FromServiceName" {
                [OleViewDotNet.Processes.COMProcessParser]::GetProcesses($ServiceName, $config, $callback, $Database) | Write-Output
            }
            default {
                [OleViewDotNet.Processes.COMProcessParser]::GetProcesses([System.Diagnostics.Process[]]$procs, $config, $callback, $Database) | Write-Output
            }
        }
    }
}

<#
.SYNOPSIS
Start a log of COM activations in the current process.
.DESCRIPTION
This cmdlet starts a COM activation log for the current process. It will write out all
COM classes created until Stop-ComActivationLog is called.
.PARAMETER Database
Optional database to lookup names for activated objects.
.PARAMETER Path
Specify a path for the log file.
.PARAMETER Append
If specified then new entries will be appended to the log rather than replacing the log file.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Start-ComActivationLog activations.log
Start COM activation log to activations.log.
.EXAMPLE
Start-ComActivationLog activations.log -Database $comdb
Start COM activation log to activations.log with a database for name lookup.
.EXAMPLE
Start-ComActivationLog activations.log -Append
Start COM activation log to activations.log appending new entries to the end of the file.
#>

function Start-ComActivationLog {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [string]$Path,
        [switch]$Append,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    $Database = Get-CurrentComDatabase $Database
    $Path = Resolve-LocalPath $Path
    [OleViewDotNetPS.Utils.LoggingActivationFilter]::Instance.Start($Path, $Append, $Database)
}

<#
.SYNOPSIS
Stop the log of COM activations in the current process.
.DESCRIPTION
This cmdlet stops a COM activation log for the current process.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Stop-ComActivationLog
Stop COM activation log.
#>

function Stop-ComActivationLog {
    [OleViewDotNetPS.Utils.LoggingActivationFilter]::Instance.Stop()
}

<#
.SYNOPSIS
Get COM AppIDs from a database.
.DESCRIPTION
This cmdlet gets COM AppIDs from the database based on a set of criteria. The default is to return all registered AppIds.
.PARAMETER Database
The database to use.
.PARAMETER AppId
Specify a AppID to lookup.
.PARAMETER Name
Specify a name to match against the AppId name.
.PARAMETER ServiceName
Specify a service name to match against.
.PARAMETER IsService
Specify a returns AppIDs implemented by services.
.PARAMETER Source
Specify looking up the COM AppIDs based on a source type.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMAppIDEntry
.EXAMPLE
Get-ComAppId -Database $comdb
Get all COM AppIDs from a database.
#>

function Get-ComAppId {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromAppId")]
        [Guid]$AppId,
        [Parameter(Mandatory, ParameterSetName = "FromPartialAppId")]
        [string]$PartialAppId,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(ParameterSetName = "FromServiceName")]
        [string]$ServiceName = "",
        [Parameter(ParameterSetName = "FromIsService")]
        [switch]$IsService,
        [Parameter(Mandatory, ParameterSetName = "FromSource")]
        [OleViewDotNet.Database.COMRegistryEntrySource]$Source
    )
    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.AppIDs.Values
        }
        "FromAppId" {
            Write-Output $Database.AppIDs[$AppId]
        }
        "FromPartialAppId" {
            Get-ComAppId -Database $Database | Where-Object AppId -Match $PartialAppId | Write-Output
        }
        "FromName" {
            Get-ComAppId -Database $Database | Where-Object Name -eq $Name | Write-Output
        }
        "FromServiceName" {
            Get-ComAppId -Database $Database | Where-Object ServiceName -eq $ServiceName | Write-Output
        }
        "FromIsService" {
            Get-ComAppId -Database $Database | Where-Object IsService | Write-Output
        }
        "FromSource" {
            Get-ComAppId -Database $Database | Where-Object Source -eq $Source | Write-Output
        }
    }
}

<#
.SYNOPSIS
Show a COM database in the main viewer.
.DESCRIPTION
This cmdlet starts the main viewer application and loads a specified database file.
.PARAMETER Database
The database to view.
.PARAMETER Path
The path to the database to view.
.PARAMETER UseArchitecture
Try and load the viewer with the same architecture as captured.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Show-ComDatabase
Show the current COM database in the viewer.
.EXAMPLE
Show-ComDatabase -Database $comdb
Show a COM database in the viewer.
.EXAMPLE
Show-ComDatabase -Path com.db
Show a COM database in the viewer from a file.
#>

function Show-ComDatabase {
    [CmdletBinding(DefaultParameterSetName="FromDb")]
    Param(
        [Parameter(Position = 0, ParameterSetName = "FromDb")]
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromFile")]
        [string]$Path,
        [Parameter(ParameterSetName = "FromDb")]
        [switch]$UseArchitecture,
        [Parameter(Mandatory, ParameterSetName = "FromDefault")]
        [switch]$Default,
        [Parameter(ParameterSetName = "FromDefault")]
        [OleViewDotNet.Utilities.ProgramArchitecture]$Architecture = [OleViewDotNet.Utilities.AppUtilities]::CurrentArchitecture
    )

    $DeleteFile = $false

    switch($PSCmdlet.ParameterSetName) {
        "FromDb" {
            $Database = Get-CurrentComDatabase $Database
            if ($null -eq $Database) {
                Write-Error "No database specified and current database isn't set"
                return
            }
            $Path = (New-TemporaryFile).FullName
            Set-ComDatabase $Path -NoProgress -Database $Database
            $DeleteFile = $true
        }
        "FromFile" {
            # Do nothing.
        }
        "FromDefault" {
            # Do nothing.
        }
    }

    if (!$Default) {
        $args = @("`"-i=$Path`"")
        if ($DeleteFile) {
            $args += @("-d")
        }
    }

    if ($UseArchitecture) {
        [OleViewDotNet.Utilities.AppUtilities]::StartArchProcess($Database.Architecture, $args)
    } elseif ($Default) {
        [OleViewDotNet.Utilities.AppUtilities]::StartArchProcess($Architecture, "")
    } else {
        [OleViewDotNet.Utilities.AppUtilities]::StartProcess($args)
    }
}

<#
.SYNOPSIS
Get a COM class or Runtime class instance interfaces.
.DESCRIPTION
This cmdlet enumerates the supported interfaces for a COM class or Runtime class and returns them.
.PARAMETER ClassEntry
The COM or Runtime classes to enumerate.
.PARAMETER Refresh
Specify to force the interfaces to be refreshed.
.PARAMETER Factory
Specify to return the implemented factory interfaces.
.PARAMETER NoQuery
Specify to not query for the interfaces at all and only return what's already available.
.PARAMETER NoProgress
Don't show progress for query.
.PARAMETER Token
The token to use when querying for the interfaces.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMInterfaceInstance[]
.EXAMPLE
Get-ComClassInterface -ClassEntry $cls
Get instance interfaces for a COM class.
.EXAMPLE
Get-ComClassInterface -ClassEntry $cls -Factory
Get factory interfaces for a COM class.
.EXAMPLE
Get-ComClassInterface -ClassEntry $cls -Refresh
Get instance interfaces for a COM class forcing them to be refreshed if necessary.
#>

function Get-ComClassInterface {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Database.ICOMClassEntry[]]$ClassEntry,
        [switch]$Refresh,
        [switch]$Factory,
        [switch]$NoQuery,
        [switch]$NoProgress,
        [OleViewDotNet.Security.COMAccessToken]$Token
        )
    PROCESS {
        $i = 0
        foreach($class in $ClassEntry) {
            if (!$NoQuery) {
                if (!$NoProgress) {
                    if ($PSCmdlet.MyInvocation.ExpectingInput) {
                        Write-Progress "Querying for Class Interfaces" -Status $class.Name
                    } else {
                        Write-Progress "Querying for Class Interfaces" -Status $class.Name -PercentComplete (($i / $ClassEntry.Count) * 100)
                        $i++
                    }
                }
                $class.LoadSupportedInterfaces($Refresh, $Token) | Out-Null
            }
            if ($Factory) {
                $class.FactoryInterfaces | Write-Output
            } else {
                $class.Interfaces | Write-Output
            }
        }
    }
}

<#
.SYNOPSIS
Get COM Runtime classes from a database.
.DESCRIPTION
This cmdlet gets COM Runtime classes from the database based on a set of criteria. The default is to return all registered runtime classes.
.PARAMETER Database
The database to use.
.PARAMETER Name
Specify a name to equal the class name.
.PARAMETER DllPath
Specify the DLL path to match against.
.PARAMETER ActivationType
Specify a type of activation to match against.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMRuntimeClassEntry
.EXAMPLE
Get-ComRuntimeClass $comdb
Get all COM Runtime classes from the current database.
.EXAMPLE
Get-ComRuntimeClass -Name "Windows.ABC.XYZ"
Get COM Runtime classes with the name Windows.ABC.XYZ.
.EXAMPLE
Get-ComRuntimeClass -DllPath "c:\path\to\runtime.dll"
Get COM Runtime classes which are implemented in a DLL with the path "c:\path\to\runtime.dll"
.EXAMPLE
Get-ComRuntimeClass -ActivationType OutOfProcess
Get COM Runtime classes which are implemented out-of-process.
#>

function Get-ComRuntimeClass {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromDllPath")]
        [string]$DllPath,
        [Parameter(Mandatory, ParameterSetName = "FromActivationType")]
        [OleViewDotNet.Database.ActivationType]$ActivationType,
        [Parameter(Mandatory, ParameterSetName = "FromTrustLevel")]
        [OleViewDotNet.Database.TrustLevel]$TrustLevel
    )
    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.RuntimeClasses.Values
        }
        "FromName" {
            $Database.RuntimeClasses[$Name] | Write-Output
        }
        "FromDllPath" {
            Get-ComRuntimeClass -Database $Database | Where-Object DllPath -eq $DllPath | Write-Output
        }
        "FromActivationType" {
            Get-ComRuntimeClass -Database $Database | Where-Object ActivationType -eq $ActivationType | Write-Output
        }
        "FromTrustLevel" {
            Get-ComRuntimeClass -Database $Database | Where-Object TrustLevel -eq $TrustLevel | Write-Output
        }
    }
}

<#
.SYNOPSIS
Get COM Runtime servers from a database.
.DESCRIPTION
This cmdlet gets COM Runtime server from the database based on a set of criteria. The default is to return all registered runtime servers.
.PARAMETER Database
The database to use. Optional if the current database has been set.
.PARAMETER Name
Specify a name to equal the server name.
.PARAMETER ExePath
Specify the executable path to match against.
.PARAMETER ServerType
Specify a type of server to match against.
.PARAMETER IdentityType
Specify the identity type of the server to match against.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMRuntimeClassEntry
.EXAMPLE
Get-ComRuntimeServer
Get all COM Runtime classes from the current data database.
.EXAMPLE
Get-ComRuntimeServer -Name "ABC"
Get COM Runtime server with the name ABC.
#>

function Get-ComRuntimeServer {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromExePath")]
        [string]$ExePath,
        [Parameter(Mandatory, ParameterSetName = "FromServerType")]
        [OleViewDotNet.Database.ServerType]$ServerType,
        [Parameter(Mandatory, ParameterSetName = "FromIdentityType")]
        [OleViewDotNet.Database.IdentityType]$IdentityType
    )
    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.RuntimeServers.Values
        }
        "FromName" {
            $Database.RuntimeServers[$Name] | Write-Output
        }
        "FromExePath" {
            Get-ComRuntimeServer -Database $Database | Where-Object ExePath -eq $ExePath | Write-Output
        }
        "FromServerType" {
            Get-ComRuntimeServer -Database $Database | Where-Object ServerType -eq $ServerType | Write-Output
        }
        "FromIdentityType" {
            Get-ComRuntimeServer -Database $Database | Where-Object IdentityType -eq $IdentityType | Write-Output
        }
    }
}

<#
.SYNOPSIS
Get COM interfaces from a database.
.DESCRIPTION
This cmdlet gets COM interfaces from the database based on a set of criteria. The default is to return all registered interfaces.
.PARAMETER Database
The database to use. If not specified then the current database is used.
.PARAMETER Iid
Specify a IID to lookup.
.PARAMETER AllowNoReg
Creates an interface entry even if not registered.
.PARAMETER Name
Specify a name to match against the interface name.
.PARAMETER Object
A running COM object to query for interfaces (can take a long time/hang).
.PARAMETER Proxy
Return interfaces which have a registered proxy class.
.PARAMETER TypeLib
Return interfaces which have a registered type library.
.PARAMETER Source
Return interfaces which came from a specific source.
.PARAMETER Class
The COM or Runtime classes to enumerate.
.PARAMETER Clsid
The COM clsid to enumerate.
.PARAMETER RuntimeClass
The name of the runtime class to enumerate.
.PARAMETER Refresh
Specify to force the interfaces to be refreshed.
.PARAMETER Factory
Specify to return the implemented factory interfaces.
.PARAMETER NoQuery
Specify to not query for the interfaces at all and only return what's already available.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMInterfaceEntry
.EXAMPLE
Get-ComInterface
Get all COM interfaces from the current database.
.EXAMPLE
Get-ComInterface -Database $comdb
Get all COM interfaces from a specific database.
.EXAMPLE
Get-ComInterface -Iid "00000001-0000-0000-C000-000000000046"
Get COM interface from an IID from a database.
.EXAMPLE
Get-ComInterface -Name "IBlah"
Get COM interface which is called IBlah.
.EXAMPLE
Get-ComInterface -Object $obj
Get COM interfaces supported by an object.
#>

function Get-ComInterface {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromIid", ValueFromPipelineByPropertyName)]
        [Guid]$Iid,
        [Parameter(ParameterSetName = "FromIid")]
        [switch]$AllowNoReg,
        [Parameter(Mandatory, ParameterSetName = "FromPartialIid")]
        [string]$PartialIid,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromObject")]
        [object]$Object,
        [Parameter(Mandatory, ParameterSetName = "FromProxy")]
        [switch]$Proxy,
        [Parameter(Mandatory, ParameterSetName = "FromTypeLib")]
        [switch]$TypeLib,
        [Parameter(Mandatory, ParameterSetName = "FromSource")]
        [OleViewDotNet.Database.COMRegistryEntrySource]$Source,
        [Parameter(Mandatory, ParameterSetName="FromClass")]
        [OleViewDotNet.Database.ICOMClassEntry]$Class,
        [Parameter(Mandatory, ParameterSetName="FromClsid")]
        [guid]$Clsid,
        [Parameter(Mandatory, ParameterSetName="FromRuntimeClass")]
        [string]$RuntimeClass,
        [Parameter(ParameterSetName="FromClass")]
        [Parameter(ParameterSetName="FromClsid")]
        [Parameter(ParameterSetName="FromRuntimeClass")]
        [switch]$Refresh,
        [Parameter(ParameterSetName="FromClass")]
        [Parameter(ParameterSetName="FromClsid")]
        [Parameter(ParameterSetName="FromRuntimeClass")]
        [switch]$Factory,
        [Parameter(ParameterSetName="FromClass")]
        [Parameter(ParameterSetName="FromClsid")]
        [Parameter(ParameterSetName="FromRuntimeClass")]
        [switch]$NoQuery,
        [OleViewDotNet.Database.COMRegistry]$Database
    )
    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.Interfaces.Values
        }
        "FromName" {
            Get-ComInterface -Database $Database | Where-Object Name -eq $Name | Write-Output
        }
        "FromPartialIid" {
            Get-ComInterface -Database $Database | Where-Object Iid -Match $PartialIid | Write-Output
        }
        "FromIid" {
            if ($AllowNoReg) {
                $Database.MapIidToInterface($Iid) | Write-Output
            } else {
                $Database.Interfaces[$Iid] | Write-Output
            }
        }
        "FromObject" {
            $Database.GetInterfacesForObject($Object) | Write-Output
        }
        "FromProxy" {
            Get-ComInterface -Database $Database | Where-Object ProxyClassEntry -ne $null | Write-Output
        }
        "FromTypeLib" {
            Get-ComInterface -Database $Database | Where-Object TypeLibEntry -ne $null | Write-Output
        }
        "FromSource" {
            Get-ComInterface -Database $Database | Where-Object Source -eq $Source | Write-Output
        }
        "FromClass" {
            Get-ComClassInterface -ClassEntry $Class -NoProgress -Refresh:$Refresh -Factory:$Factory -NoQuery:$NoQuery | Select-Object -ExpandProperty InterfaceEntry
        }
        "FromClsid" {
            $Class = Get-ComClass -Clsid $Clsid
            if ($Class -ne $null) {
                Get-ComClassInterface -ClassEntry $Class -NoProgress -Refresh:$Refresh -Factory:$Factory -NoQuery:$NoQuery | Select-Object -ExpandProperty InterfaceEntry
            }
        }
        "FromRuntimeClass" {
            $Class = Get-ComRuntimeClass -Name $RuntimeClass
            if ($Class -ne $null) {
                Get-ComClassInterface -ClassEntry $Class -NoProgress -Refresh:$Refresh -Factory:$Factory -NoQuery:$NoQuery | Select-Object -ExpandProperty InterfaceEntry
            }
        }
    }
}

<#
.SYNOPSIS
Filter launch accessible COM database information.
.DESCRIPTION
This cmdlet filters various types of COM database information such as Classes, AppIDs and processes
to only those launchable accessible by certain processes or tokens.
.PARAMETER InputObject
The COM object entry to select on.
.PARAMETER Token
An access token to perform the access check on.
.PARAMETER Process
A process to get the access token from for the access check.
.PARAMETER ProcessId
A process ID to get the access token from for the access check.
.PARAMETER Access
The access mask to check, for access permissions. Defaults to local execute.
.PARAMETER LaunchAccess
The access mask to check, for launch permissions. Defaults to local execute and activation.
.PARAMETER Principal
The principal for the access check, defaults to the current user.
.PARAMETER NotAccessible
Filter out accessible objects.
.PARAMETER IgnoreDefault
If the object doesn't have a specific set of launch permissions uses the system default. If this flag is specified objects without a specific launch permission are ignored.
.INPUTS
OleViewDotNet.Security.ICOMAccessSecurity
.OUTPUTS
OleViewDotNet.Security.ICOMAccessSecurity
.EXAMPLE
Get-ComClass | Select-ComAccess
Get all COM classes which are accessible by the current process.
.EXAMPLE
Get-ComClass | Select-ComAccess -IgnoreDefault
Get all COM classes which are accessible by the current process ignoring default security permissions.
.EXAMPLE
Get-ComClass | Select-ComAccess -Token $token
Get all COM classes which are accessible by a specified token.
.EXAMPLE
Get-ComClass | Select-ComAccess -Process $process
Get all COM classes which are accessible by a specified process.
.EXAMPLE
Get-ComClass | Select-ComAccess -ProcessId 1234
Get all COM classes which are accessible by a specified process from its ID.
.EXAMPLE
Get-ComClass | Select-ComAccess -Access 0
Only check for launch permissions and ignore access permissions.
.EXAMPLE
Get-ComClass | Select-ComAccess -LaunchAccess 0
Only check for access permissions and ignore launch permissions.
#>

function Select-ComAccess {
    [CmdletBinding(DefaultParameterSetName = "FromProcessId")]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Security.ICOMAccessSecurity]$InputObject,
        [OleViewDotNet.Security.COMAccessRights]$Access = "ExecuteLocal",
        [OleViewDotNet.Security.COMAccessRights]$LaunchAccess = "ActivateLocal, ExecuteLocal",
        [Parameter(Mandatory, ParameterSetName = "FromToken")]
        [OleViewDotNet.Security.COMAccessToken]$Token,
        [Parameter(ParameterSetName = "FromProcessId")]
        [alias("pid")]
        [int]$ProcessId = $pid,
        [OleViewDotNet.Security.COMSid]$Principal,
        [switch]$NotAccessible,
        [switch]$IgnoreDefault
    )

    BEGIN {
        switch($PSCmdlet.ParameterSetName) {
            "FromProcessId" {
                $access_check = [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($ProcessId, `
                    $Principal, $Access, $LaunchAccess, $IgnoreDefault)
            }
            "FromToken" {
                $access_check = [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($Token, `
                    $Principal, $Access, $LaunchAccess, $IgnoreDefault)
            }
        }
    }

    PROCESS {
        $result = $access_check.AccessCheck($InputObject)
        if ($NotAccessible) {
            $result = !$result
        }
        if ($result) {
            Write-Output $InputObject
        }
    }

    END {
        if ($null -ne $access_check) {
            $access_check.Dispose()
        }
    }
}

<#
.SYNOPSIS
Test accessible COM database information.
.DESCRIPTION
This cmdlet tests of a COM database object is accessible.
.PARAMETER InputObject
The COM object entry to test.
.PARAMETER Token
An access token to perform the access check on.
.PARAMETER Process
A process to get the access token from for the access check.
.PARAMETER ProcessId
A process ID to get the access token from for the access check.
.PARAMETER Access
The access mask to check, for access permissions. Defaults to local execute.
.PARAMETER LaunchAccess
The access mask to check, for launch permissions. Defaults to local execute and activation.
.PARAMETER Principal
The principal for the COM access check, defaults to the current user.
.PARAMETER IgnoreDefault
If the object doesn't have a specific set of launch permissions uses the system default. If this flag is specified objects without a specific launch permission are ignored.
.INPUTS
OleViewDotNet.Security.ICOMAccessSecurity
.OUTPUTS
bool
#>

function Test-ComAccess {
    [CmdletBinding(DefaultParameterSetName = "FromProcessId")]
    Param(
        [Parameter(Mandatory, Position = 0)]
        [OleViewDotNet.Security.ICOMAccessSecurity]$InputObject,
        [OleViewDotNet.Security.COMAccessRights]$Access = "ExecuteLocal",
        [OleViewDotNet.Security.COMAccessRights]$LaunchAccess = "ActivateLocal, ExecuteLocal",
        [Parameter(Mandatory, ParameterSetName = "FromToken")]
        [OleViewDotNet.Security.COMAccessToken]$Token,
        [Parameter(ParameterSetName = "FromProcessId")]
        [alias("pid")]
        [int]$ProcessId = $pid,
        [OleViewDotNet.Security.COMSid]$Principal,
        [switch]$IgnoreDefault
    )

    $access_check = switch($PSCmdlet.ParameterSetName) {
        "FromProcessId" {
            [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($ProcessId, `
                $Principal, $Access, $LaunchAccess, $IgnoreDefault)
        }
        "FromToken" {
            [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($Token, `
                $Principal, $Access, $LaunchAccess, $IgnoreDefault)
        }
    }

    $access_check.AccessCheck($InputObject)

    if ($null -ne $access_check) {
        $access_check.Dispose()
    }
}

<#
.SYNOPSIS
Gets accessible COM database information.
.DESCRIPTION
This cmdlet gets the maximum access for various types of COM database information such as Classes, AppIDs and processes
to only those launchable accessible by certain processes or tokens.
.PARAMETER InputObject
The COM object entry to get.
.PARAMETER Token
An access token to perform the access check on.
.PARAMETER Process
A process to get the access token from for the access check.
.PARAMETER ProcessId
A process ID to get the access token from for the access check.
.PARAMETER Access
The access mask to check, for access permissions. Defaults to local execute.
.PARAMETER LaunchAccess
The access mask to check, for launch permissions. Defaults to local execute and activation.
.PARAMETER Principal
The principal for the access check, defaults to the current user.
.PARAMETER IgnoreDefault
If the object doesn't have a specific set of launch permissions uses the system default. If this flag is specified objects without a specific launch permission are ignored.
.INPUTS
OleViewDotNet.Security.ICOMAccessSecurity
.OUTPUTS
OleViewDotNet.Security.COMAccessCheckResult
#>

function Get-ComAccess {
    [CmdletBinding(DefaultParameterSetName = "FromProcessId")]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Security.ICOMAccessSecurity]$InputObject,
        [OleViewDotNet.Security.COMAccessRights]$Access = "ExecuteLocal",
        [OleViewDotNet.Security.COMAccessRights]$LaunchAccess = "ActivateLocal, ExecuteLocal",
        [Parameter(Mandatory, ParameterSetName = "FromToken")]
        [OleViewDotNet.Security.COMAccessToken]$Token,
        [Parameter(ParameterSetName = "FromProcessId")]
        [alias("pid")]
        [int]$ProcessId = $pid,
        [OleViewDotNet.Security.COMSid]$Principal,
        [switch]$IgnoreDefault
    )

    BEGIN {
        switch($PSCmdlet.ParameterSetName) {
            "FromProcessId" {
                $access_check = [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($ProcessId, `
                    $Principal, $Access, $LaunchAccess, $IgnoreDefault)
            }
            "FromToken" {
                $access_check = [OleViewDotNetPS.Utils.PowerShellUtils]::GetAccessCheck($Token, `
                    $Principal, $Access, $LaunchAccess, $IgnoreDefault)
            }
        }
    }

    PROCESS {
        $access_check.GetMaximumAccess($InputObject)
    }

    END {
        if ($null -ne $access_check) {
            $access_check.Dispose()
        }
    }
}

Enum ComObjRefOutput
{
    Object
    Bytes
    Moniker
}

function Out-ObjRef {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Marshaling.COMObjRef]$ObjRef,
        [ComObjRefOutput]$Output = "Object"
    )

    switch($Output) {
        "Bytes" {
            Write-Output $objref.ToArray()
        }
        "Moniker" {
            $moniker = $objref.ToMoniker()
            Write-Output $moniker
        }
        "Object" {
            Write-Output $objref
        }
    }
}

<#
.SYNOPSIS
Get an OBJREF for a COM object.
.DESCRIPTION
This cmdlet marshals a COM object to an OBJREF, returning a byte array, a COMObjRef object or a moniker.
.PARAMETER Object
The object to marshal.
.PARAMETER Path
Specify a path for the output OBJREF.
.PARAMETER Output
Specify the output mode for the OBJREF.
.PARAMETER IID
Specify the IID to marshal.
.PARAMETER MarshalContext
Specify the context to marshal for.
.PARAMETER MarshalFlags
Specify flags for the marshal operation.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Marshaling.COMObjRef or string.
.EXAMPLE
Get-ComObjRef $obj
Marshal an object to the file marshal.bin as a COMObjRef object.
.EXAMPLE
Get-ComObjRef $obj -Output Bytes | Set-Content objref.bin -Encoding Bytes
Marshal an object to a byte array and write to a file.
.EXAMPLE
Get-ComObjRef $obj -Output Moniker
Marshal an object to a moniker.
.EXAMPLE
Get-ComObjRef objref.bin
Gets an OBJREF from a file.
#>

function Get-ComObjRef {
    [CmdletBinding(DefaultParameterSetName = "FromPath")]
    Param(
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromObject")]
        [object]$Object,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromPath")]
        [string]$Path,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromBytes")]
        [byte[]]$Bytes,
        [ComObjRefOutput]$Output = "Object",
        [Parameter(ParameterSetName = "FromObject", ValueFromPipelineByPropertyName)]
        [Guid]$Iid = "00000000-0000-0000-C000-000000000046",
        [Parameter(ParameterSetName = "FromObject")]
        [OleViewDotNet.Interop.MSHCTX]$MarshalContext = "DIFFERENTMACHINE",
        [Parameter(ParameterSetName = "FromObject")]
        [OleViewDotNet.Interop.MSHLFLAGS]$MarshalFlags = "NORMAL"
    )

    BEGIN {
        switch($PSCmdlet.ParameterSetName) {
            "FromObject" {
                $Object = Unwrap-ComObject $Object
            }
        }
    }

    PROCESS {
        switch($PSCmdlet.ParameterSetName) {
            "FromObject" {
                [OleViewDotNet.Marshaling.COMObjRef]::FromObject($Object, `
                        $Iid, $MarshalContext, $MarshalFlags) | Out-ObjRef -Output $Output
            }
            "FromPath" {
                $ba = Get-Content -Path $Path -Encoding Byte
                [OleViewDotNet.Marshaling.COMObjRef]::FromArray($ba) | Out-ObjRef -Output $Output
            }
            "FromBytes" {
                [OleViewDotNet.Marshaling.COMObjRef]::FromArray($Bytes) | Out-ObjRef -Output $Output
            }
        }
    }
}

<#
.SYNOPSIS
Views a COM security descriptor.
.DESCRIPTION
This cmdlet opens a viewer for a COM security descriptor.
.PARAMETER SecurityDescriptor
The security descriptor to view in SDDL format.
.PARAMETER ShowAccess
Show access rights rather than launch rights.
.PARAMETER InputObject
Shows the security descriptor for a database object.
.PARAMETER Default
Shows the default security descriptor for the specified database.
.PARAMETER RuntimeDefault
Shows the default security descriptor for the Windows Runtime Broker.
.PARAMETER Restriction
Shows the security descriptor restriction for the specified database.
.PARAMETER Database
Specify the database for showing the default or restriction security descriptors.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Show-ComSecurityDescriptor $obj
Shows a launch security descriptor from an object.
.EXAMPLE
Show-ComSecurityDescriptor $obj -ShowAccess
Shows an access security descriptor from an object.
.EXAMPLE
Show-ComSecurityDescriptor -SecurityDescriptor "D:(A;;GA;;;WD)"
Shows a SDDL launch security descriptor.
.EXAMPLE
Show-ComSecurityDescriptor -SecurityDescriptor "D:(A;;GA;;;WD)" -ShowAccess
Shows a SDDL access security descriptor.
.EXAMPLE
Show-ComSecurityDescriptor -Default
Show the default launch security descriptor for the current database.
.EXAMPLE
Show-ComSecurityDescriptor -Default -ShowAccess
Show the default access security descriptor for the current database.
.EXAMPLE
Show-ComSecurityDescriptor -Restriction
Show the launch security descriptor restriction for the current database.
.EXAMPLE
Show-ComSecurityDescriptor -Restriction -ShowAccess
Show the access security descriptor restriction for the current database.
#>

function Show-ComSecurityDescriptor {
    [CmdletBinding(DefaultParameterSetName="FromObject")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromSddl")]
        [OleViewDotNet.Security.COMSecurityDescriptor]$SecurityDescriptor,
        [Parameter(Mandatory, Position = 0, ValueFromPipeline, ParameterSetName = "FromObject")]
        [OleViewDotNet.Security.ICOMAccessSecurity]$InputObject,
        [Parameter(Mandatory, ParameterSetName = "FromRestriction")]
        [switch]$Restriction,
        [Parameter(Mandatory, ParameterSetName = "FromDefault")]
        [switch]$Default,
        [Parameter(Mandatory, ParameterSetName = "FromRuntimeDefault")]
        [switch]$RuntimeDefault,
        [Parameter(ParameterSetName = "FromRestriction")]
        [Parameter(ParameterSetName = "FromDefault")]
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$ShowAccess
    )

    PROCESS {
        if ($PSCmdlet.ParameterSetName -eq "FromRestriction" -or $PSCmdlet.ParameterSetName -eq "FromDefault") {
            $Database = Get-CurrentComDatabase $Database
            if ($null -eq $Database) {
                Write-Error "No database specified and current database isn't set"
                return
            }
        }
        $name = ""
        switch($PSCmdlet.ParameterSetName) {
            "FromSddl" {
                # Do nothing.
            }
            "FromObject" {
                if ($ShowAccess) {
                    $SecurityDescriptor = [OleViewDotNet.Security.COMSecurity]::GetAccessPermission($InputObject)
                } else {
                    $SecurityDescriptor = [OleViewDotNet.Security.COMSecurity]::GetLaunchPermission($InputObject)
                }
                $name = $InputObject.Name.Replace("`"", " ")
            }
            "FromDefault" {
                if ($ShowAccess) {
                    $SecurityDescriptor = $Database.DefaultAccessPermission
                } else {
                    $SecurityDescriptor = $Database.DefaultLaunchPermission
                }
                $name = "Default"
            }
            "FromRestriction" {
                if ($ShowAccess) {
                    $SecurityDescriptor = $Database.DefaultAccessRestriction
                } else {
                    $SecurityDescriptor = $Database.DefaultLaunchRestriction
                }
                $name = "Restriction"
            }
            "FromRuntimeDefault" {
                $SecurityDescriptor = [OleViewDotNet.Database.COMRuntimeClassEntry]::DefaultActivationPermission
            }
        }

        if ($null -ne $SecurityDescriptor) {
            $args = "-v=$($SecurityDescriptor.ToBase64())"
            if ($ShowAccess) {
                $args += " --access"
            }
            
            if ("" -ne $name) {
                $args += " `"-n=$name`""
            }

            [OleViewDotNet.Utilities.AppUtilities]::StartProcess($args)
        }
    }
}

<#
.SYNOPSIS
Creates a new COM object instance.
.DESCRIPTION
This cmdlet creates a new COM object instance from a class or factory.
.PARAMETER Class
Specify the class to use for the new COM object.
.PARAMETER Factory
Specify an existing class factory for the new COM object.
.PARAMETER Clsid
Specify a CLSID to use for the new COM object.
.PARAMETER ClassContext
Specify the context the new object will be created from.
.PARAMETER RemoteServer
Specify the remote server the COM object will be created on.
.PARAMETER AuthInfo
Specify authentication information for the remote server connection.
.PARAMETER SessionId
Specify the console session to create the object in.
.PARAMETER NoWrapper
Don't wrap object in a callable wrapper.
.PARAMETER Iid
Specify the interface to query for initially.
.PARAMETER Database
Specify to indicate the database to get interface information from.
.PARAMETER Ipid
Create the object from an existing IPID.
.PARAMETER RuntimeClass
The name of a Windows Runtime class to create.
.PARAMETER InBroker
Specify to create the runtime class in a broker.
.PARAMETER PerUserBroker
Specify to use a per-user broker.
.PARAMETER Elevate
Specify to elevate the class object.
#>

function New-ComObject {
    [CmdletBinding(DefaultParameterSetName="FromClass")]
    Param(
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromClass", ValueFromPipeline)]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromSessionIdClass")]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromElevateClass")]
        [OleViewDotNet.Database.ICOMClassEntry]$Class,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromFactory", ValueFromPipeline)]
        [OleViewDotNetPS.Wrappers.IClassFactoryWrapper]$Factory,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromActivationFactory")]
        [OleViewDotNetPS.Wrappers.IActivationFactoryWrapper]$ActivationFactory,
        [Parameter(Mandatory, ParameterSetName = "FromClsid")]
        [Parameter(Mandatory, ParameterSetName = "FromSessionIdClsid")]
        [Parameter(Mandatory, ParameterSetName = "FromElevateClsid")]
        [Guid]$Clsid,
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [OleViewDotNet.Interop.CLSCTX]$ClassContext = "ALL",
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [string]$RemoteServer,
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [OleViewDotNet.Security.COMAuthInfo]$AuthInfo,
        [Parameter(ParameterSetName = "FromObjRef")]
        [OleViewDotNet.Marshaling.COMObjRef]$ObjRef,
        [Parameter(ParameterSetName = "FromIpid")]
        [OleViewDotNet.Processes.COMIPIDEntry]$Ipid,
        [Parameter(Mandatory, ParameterSetName = "FromSessionIdClass")]
        [Parameter(Mandatory, ParameterSetName = "FromSessionIdClsid")]
        [int]$SessionId,
        [Parameter(Mandatory, ParameterSetName = "FromElevateClass")]
        [Parameter(Mandatory, ParameterSetName = "FromElevateClsid")]
        [switch]$Elevate,
        [Parameter(Mandatory, ParameterSetName = "FromRuntimeClass")]
        [string]$RuntimeClass,
        [Parameter(ParameterSetName = "FromRuntimeClass")]
        [switch]$InBroker,
        [Parameter(ParameterSetName = "FromRuntimeClass")]
        [switch]$PerUserBroker,
        [switch]$NoWrapper,
        [Guid]$Iid = [guid]::Empty,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    PROCESS {
        $obj = $null
        $iid_set = $true
        if ($Iid -eq [guid]::Empty) {
            $Iid = "00000000-0000-0000-C000-000000000046"
            $iid_set = $false
        }

        switch($PSCmdlet.ParameterSetName) {
            "FromClass" {
                $obj = $Class.CreateInstanceAsObject($ClassContext, $RemoteServer, $AuthInfo)
            }
            "FromClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateInstanceAsObject($Clsid, `
                    $Iid, $ClassContext, $RemoteServer, $AuthInfo)
            }
            "FromFactory" {
                $obj = $Factory.CreateInstance($null, $Iid)
            }
            "FromActivationFactory" {
                $obj = $ActivationFactory.ActivateInstance()
            }
            "FromObjRef" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::UnmarshalObject($ObjRef)
            }
            "FromIpid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::UnmarshalObject($Ipid.ToObjRef())
            }
            "FromSessionIdClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromSessionMoniker($Class.Clsid, $SessionId, $false)
            }
            "FromSessionIdClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromSessionMoniker($Clsid, $SessionId, $false)
            }
            "FromElevateClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromElevationMoniker($Class.Clsid, $false)
            }
            "FromElevateClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromElevationMoniker($Clsid, $false)
            }
            "FromRuntimeClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateRuntimeClass($RuntimeClass, $InBroker, $PerUserBroker)
            }
        }

        if ($null -ne $obj) {
            if ($null -ne $Ipid -and !$iid_set) {
                Wrap-ComObject $obj -Ipid $Ipid -NoWrapper:$NoWrapper | Write-Output
            } else {
                Wrap-ComObject $obj -Iid $Iid -NoWrapper:$NoWrapper -DataBase $DataBase | Write-Output
            }
        }
    }
}

<#
.SYNOPSIS
Creates a new COM object factory.
.DESCRIPTION
This cmdlet creates a new COM object factory from a class.
.PARAMETER Class
Specify the class to use for the new COM object factory.
.PARAMETER Clsid
Specify a CLSID to use for the new COM object factory.
.PARAMETER ClassContext
Specify the context the new factory will be created from.
.PARAMETER RemoteServer
Specify the remote server the COM object factory will be created on.
.PARAMETER AuthInfo
Specify authentication information for the remote server connection.
.PARAMETER SessionId
Specify the console session to create the factory in.
.PARAMETER NoWrapper
Don't wrap factory object in a callable wrapper.
.PARAMETER Iid
The IID to wrap for if not wanting to use a default type.
.PARAMETER RuntimeClass
The name of a Windows Runtime class to create.
.PARAMETER InBroker
Specify to create the runtime class in a broker.
.PARAMETER PerUserBroker
Specify to use a per-user broker.
.PARAMETER Elevate
Specify to elevate the class factory.
#>

function New-ComObjectFactory {
    [CmdletBinding(DefaultParameterSetName="FromClass")]
    Param(
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromClass", ValueFromPipeline)]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromSessionIdClass")]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromElevateClass")]
        [OleViewDotNet.Database.ICOMClassEntry]$Class,
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromClsid")]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromSessionIdClsid")]
        [Parameter(Mandatory, Position = 0, ParameterSetName = "FromElevateClsid")]
        [Guid]$Clsid,
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [OleViewDotNet.Interop.CLSCTX]$ClassContext = "ALL",
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [string]$RemoteServer,
        [Parameter(ParameterSetName = "FromClsid")]
        [Parameter(ParameterSetName = "FromClass")]
        [OleViewDotNet.Security.COMAuthInfo]$AuthInfo,
        [Parameter(Mandatory, ParameterSetName = "FromSessionIdClass")]
        [Parameter(Mandatory, ParameterSetName = "FromSessionIdClsid")]
        [int]$SessionId,
        [Parameter(Mandatory, ParameterSetName = "FromElevateClass")]
        [Parameter(Mandatory, ParameterSetName = "FromElevateClsid")]
        [switch]$Elevate,
        [Parameter(Mandatory, ParameterSetName = "FromRuntimeClass")]
        [string]$RuntimeClass,
        [Parameter(ParameterSetName = "FromRuntimeClass")]
        [switch]$InBroker,
        [Parameter(ParameterSetName = "FromRuntimeClass")]
        [switch]$PerUserBroker,
        [switch]$NoWrapper,
        [guid]$Iid = [guid]::Empty
    )

    PROCESS {
        $obj = $null
        $runtime_class = $false
        switch($PSCmdlet.ParameterSetName) {
            "FromClass" {
                $obj = $Class.CreateClassFactory($ClassContext, $RemoteServer, $AuthInfo)
            }
            "FromClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateClassFactory($Clsid, `
                    "00000000-0000-0000-C000-000000000046", $ClassContext, $RemoteServer, $AuthInfo)
            }
            "FromSessionIdClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromSessionMoniker($Class.Clsid, $SessionId, $true)
            }
            "FromSessionIdClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromSessionMoniker($Clsid, $SessionId, $true)
            }
            "FromRuntimeClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateActivationFactory($RuntimeClass, "00000000-0000-0000-C000-000000000046", $InBroker, $PerUserBroker)
                $runtime_class = $true
            }
            "FromElevateClass" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromElevationMoniker($Class.Clsid, $true)
            }
            "FromElevateClsid" {
                $obj = [OleViewDotNet.Utilities.COMUtilities]::CreateFromElevationMoniker($Clsid, $true)
            }
        }

        if ($null -ne $obj) {
            if ($Iid -eq [guid]::Empty) {
                $type = [OleViewDotNetPS.Utils.PowerShellUtils]::GetFactoryType($Class, $runtime_class)
                Wrap-ComObject $obj $type -NoWrapper:$NoWrapper
            } else {
                Wrap-ComObject $obj -Iid $Iid -NoWrapper:$NoWrapper 
            }
        }
    }
}

<#
.SYNOPSIS
Creates a new COM moniker instance and optionally binds to it.
.DESCRIPTION
This cmdlet creates a new COM moniker instance and optionally binds to the object.
.PARAMETER NoWrapper
Don't wrap object in a callable wrapper.
.PARAMETER Moniker
Specify a moniker to parse.
.PARAMETER Bind
Bind to parsed moniker.
.PARAMETER Composite
Parse the moniker as a composite, each component separated by a '!'
#>

function Get-ComMoniker {
    Param(
        [Parameter(Mandatory, Position = 0)]
        [string]$Moniker,
        [switch]$Bind,
        [switch]$Composite,
        [switch]$NoWrapper
    )

    $obj = $null
    if ($Bind) {
        $type = [OleViewDotNet.Interop.IUnknown]
        $obj = [OleViewDotNet.Utilities.COMUtilities]::ParseAndBindMoniker($Moniker, $Composite)
    } else {
        $type = [System.Runtime.InteropServices.ComTypes.IMoniker]
        $obj = [OleViewDotNet.Utilities.COMUtilities]::ParseMoniker($Moniker, $Composite)
    }

    if ($null -ne $obj) {
        Wrap-ComObject $obj $type -NoWrapper:$NoWrapper | Write-Output
    }
}

<#
.SYNOPSIS
Gets the display name from a COM moniker.
.DESCRIPTION
This cmdlet gets the display name from a COM moniker
.PARAMETER Moniker
Specify a moniker to get the display name from.
#>

function Get-ComMonikerDisplayName {
    Param(
        [Parameter(Mandatory, Position = 0)]
        [System.Runtime.InteropServices.ComTypes.IMoniker]$Moniker
    )

    [OleViewDotNet.Utilities.COMUtilities]::GetMonikerDisplayName($Moniker) | Write-Output
}

<#
.SYNOPSIS
Parses COM proxy information for an interface or a proxy class.
.DESCRIPTION
This cmdlet parses the COM proxy information for an interface or specified COM proxy class. If a class is specified all interfaces
from that class are returned.
.PARAMETER Class
A COM proxy class.
.PARAMETER Interface
A COM interface with a registered proxy.
.PARAMETER InterfaceInstance
A COM interface instance.
.PARAMETER Iid
A COM IID which is being proxied.
.PARAMETER AsText
Return the results as text rather than objects.
.OUTPUTS
The parsed proxy information and complex types.
.EXAMPLE
Get-ComProxy $intf
Parse the proxy information for an interface.
.EXAMPLE
Get-ComProxy $class
Parse the proxy information for a class.
.EXAMPLE
Get-ComProxy "00000001-0000-0000-C000-000000000046"
Parse the proxy based on a IID.
#>

function Get-ComProxy {
    [CmdletBinding(DefaultParameterSetName = "FromIid")]
    Param(
        [parameter(Mandatory, Position=0, ParameterSetName = "FromInterface", ValueFromPipeline)]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface,
        [parameter(Mandatory, Position=0, ParameterSetName = "FromInterfaceInstance", ValueFromPipeline)]
        [OleViewDotNet.Database.COMInterfaceInstance]$InterfaceInstance,
        [parameter(Mandatory, Position=0, ParameterSetName = "FromClass")]
        [OleViewDotNet.Database.COMCLSIDEntry]$Class,
        [parameter(Mandatory, ParameterSetName = "FromClsid")]
        [Guid]$Clsid,
        [parameter(Mandatory, Position=0, ParameterSetName = "FromIid")]
        [parameter(Mandatory, ParameterSetName = "FromTypeLib")]
        [Guid]$Iid,
        [parameter(ParameterSetName = "FromIid")]
        [parameter(ParameterSetName = "FromClsid")]
        [parameter(ParameterSetName = "FromPath")]
        [OleViewDotNet.Database.COMRegistry]$Database,
        [parameter(ParameterSetName = "FromIid")]
        [parameter(ParameterSetName = "FromInterface")]
        [parameter(ParameterSetName = "FromInterfaceInstance")]
        [switch]$ParseAutomation,
        [parameter(Mandatory, ParameterSetName = "FromPath")]
        [parameter(Mandatory, ParameterSetName = "FromTypeLib")]
        [string]$Path,
        [switch]$AsText
    )

    PROCESS {
        $proxy = switch($PSCmdlet.ParameterSetName) {
            "FromClass" {
                [OleViewDotNet.Proxy.COMProxyFile]::GetFromCLSID($Class)
            }
            "FromInterface" {
                [OleViewDotNet.Proxy.COMProxyInterface]::GetFromIID($Interface, $ParseAutomation)
            }
            "FromInterfaceInstance" {
                [OleViewDotNet.Proxy.COMProxyInterface]::GetFromIID($InterfaceInstance, $ParseAutomation)
            }
            "FromIid" {
                $intf = Get-ComInterface -Database $Database -Iid $Iid
                if ($null -ne $intf) {
                    [OleViewDotNet.Proxy.COMProxyInterface]::GetFromIID($intf, $ParseAutomation)
                }
            }
            "FromClsid" {
                $class = Get-ComClass -Database $Database -Clsid $Clsid
                if ($null -ne $class) {
                    [OleViewDotNet.Proxy.COMProxyFile]::GetFromCLSID($class)
                }
            }
            "FromPath" {
                $Database = Get-CurrentComDatabase $Database
                if ($null -eq $Database) {
                    Write-Error "No database specified and current database isn't set."
                    return
                }
                [OleViewDotNet.Proxy.COMProxyFile]::GetFromFile($Path, $Database)
            }
            "FromTypeLib" {
                $Database = Get-CurrentComDatabase $Database
                if ($null -eq $Database) {
                    Write-Error "No database specified and current database isn't set."
                    return
                }
                [OleViewDotNet.Proxy.COMProxyInterface]::GetFromTypeLibrary($Path, $Iid, $Database)
            }
        }
        if ($null -ne $proxy) {
            if ($AsText) {
                $proxy | ConvertTo-ComSourceCode
            } else {
                Write-Output $proxy
            }
        }
    }
}

<#
.SYNOPSIS
Sets the COM symbol resolver paths.
.DESCRIPTION
This cmdlet sets the COM symbol resolver paths. This allows you to specify symbol resolver paths for cmdlets which support it.
.PARAMETER DbgHelpPath
Specify path to a dbghelp DLL to use for symbol resolving. This should be ideally the dbghelp from debugging tool for Windows
which will allow symbol servers however you can use the system version if you just want to pull symbols locally.
.PARAMETER SymbolPath
Specify path for the symbols.
.PARAMETER Save
Specify to save the resolver information permanently.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Set-ComSymbolResolver -DbgHelpPath c:\windbg\x64\dbghelp.dll
Specify the global dbghelp path.
.EXAMPLE
Set-ComSymbolResolver -DbgHelpPath dbghelp.dll -SymbolPath "c:\symbols"
Specify the global dbghelp path using c:\symbols to source the symbol files.
#>

function Set-ComSymbolResolver {
    Param(
        [alias("dbghelp")]
        [parameter(Position=0)]
        [string]$DbgHelpPath,
        [parameter(Position=1)]
        [string]$SymbolPath,
        [switch]$Save
    )

    if ($DbgHelpPath -eq "" -and $SymbolPath -eq "") {
        throw "Must specify at least one parameter."
    }

    if ("" -ne $DbgHelpPath) {
        [OleViewDotNet.ProgramSettings]::DbgHelpPath = $DbgHelpPath
    }
    if ("" -ne $SymbolPath) {
        [OleViewDotNet.ProgramSettings]::SymbolPath = $SymbolPath
    }
    if ($Save) {
        [OleViewDotNet.ProgramSettings]::Save()
    }
}

<#
.SYNOPSIS
Gets the COM symbol resolver paths.
.DESCRIPTION
This cmdlet gets the COM symbol resolver paths.
#>

function Get-ComSymbolResolver {
    [PSCustomObject]@{
        DbgHelpPath=[OleViewDotNet.ProgramSettings]::DbgHelpPath; 
        SymbolPath=[OleViewDotNet.ProgramSettings]::SymbolPath
    }
}

<#
.SYNOPSIS
Resets the COM symbol resolver paths to the defaults.
.DESCRIPTION
This cmdlet resets the COM symbol resolver paths.
.PARAMETER Save
Specify to save the resolver information permanently.
.INPUTS
None
.OUTPUTS
None
#>

function Reset-ComSymbolResolver {
    Param(
        [switch]$Save
    )

    [OleViewDotNet.ProgramSettings]::DbgHelpPath = ""
    [OleViewDotNet.ProgramSettings]::SymbolPath = ""
    if ($Save) {
        [OleViewDotNet.ProgramSettings]::Save()
    }
}

<#
.SYNOPSIS
Gets IPID entries for a COM object.
.DESCRIPTION
This cmdlet gets the IPID entries for a COM object. It queries for all known remote interfaces on the object, marshal the interfaces
then parse the containing process. If the containing process cannot be opend then this will fail.
.PARAMETER Database
The COM database to extract information from.
.PARAMETER object
The object to query.
.PARAMETER ResolveMethodNames
Specify to try and resolve method names for interfaces.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Processes.COMIPIDEntry[]
.EXAMPLE
Get-ComObjectIpid $comdb $obj
Get all IPIDs
#>

function Get-ComObjectIpid {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position=0)]
        [object]$Object,
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$ResolveMethodNames
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    $ps = Get-ComInterface -Database $Database -Object $Object | Get-ComObjRef $Object | Get-ComProcess -Database $Database `
        -ParseStubMethods -ResolveMethodNames:$ResolveMethodNames
    $ps.Ipids | Write-Output
}

<#
.SYNOPSIS
Get registered class information from COM processes.
.DESCRIPTION
This cmdlet parses all accessible processes for registered COM clsses.
.PARAMETER Database
The database to use to lookup information.
.PARAMETER NoProgress
Don't show progress for process parsing.
.INPUTS
None
.OUTPUTS
OleViewDotNet.COMProcessClassRegistration
.EXAMPLE
Get-ComRegisteredClass
Get all COM registered classes accessible.
#>

function Get-ComRegisteredClass {
    [CmdletBinding()]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$NoProgress
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    Get-ComProcess -Database $Database -ParseRegisteredClasses -NoProgress:$NoProgress `
        | select -ExpandProperty Classes | Where-Object {$_.Context -eq 0 -or $_.Context -match "LOCAL_SERVER"} | Write-Output
}

<#
.SYNOPSIS
Formats a COM proxy or IPID as text.
.DESCRIPTION
This cmdlet formats a COM proxy object or IPID entry as text.
.PARAMETER Proxy
The proxy or IPID entry to format.
.PARAMETER Flags
Specify flags for the formatter.
.PARAMETER Process
Format the IPIDs of a COM process.
.INPUTS
OleViewDotNet.Proxy.IProxyFormatter
.OUTPUTS
string
.EXAMPLE
Format-ComProxy $proxy
Format a COM proxy as text.
.EXAMPLE
Format-ComProxy $proxy -Flags RemoveComments
Format a COM proxy as text removing comments.
.EXAMPLE
Format-ComProxy $proxy -Flags RemoveComplexTypes
Format a COM proxy as text removing complex types.
.EXAMPLE
$ipids | Format-ComProxy
Format a list of IPIDs as text.
#>

function Format-ComProxy {
    [CmdletBinding(DefaultParameterSetName="FromProxy")]
    Param(
        [parameter(Mandatory, Position=0, ValueFromPipeline, ParameterSetName="FromProxy")]
        [OleViewDotNet.Proxy.IProxyFormatter]$Proxy,
        [parameter(Mandatory, Position=0, ValueFromPipeline, ParameterSetName="FromProcess")]
        [OleViewDotNet.Processes.COMProcessEntry]$Process,
        [parameter(Mandatory, Position=0, ValueFromPipeline, ParameterSetName="FromInterface")]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface,
        [parameter(Mandatory, Position=0, ValueFromPipeline, ParameterSetName = "FromInterfaceInstance")]
        [OleViewDotNet.Database.COMInterfaceInstance]$InterfaceInstance,
        [OleViewDotNet.Proxy.ProxyFormatterFlags]$Flags = 0
    )

    PROCESS {
        switch($PSCmdlet.ParameterSetName) {
            "FromProxy" {
                $Proxy.FormatText($Flags) | Write-Output
            }
            "FromProcess" {
                $Process.Ipids | Format-ComProxy -Flags $Flags
            }
            "FromInterface" {
                $Interface | Get-ComProxy | Format-ComProxy -Flags $Flags
            }
            "FromInterfaceInstance" {
                $InterfaceInstance | Get-ComProxy | Format-ComProxy -Flags $Flags
            }
        }
    }
}

<#
.SYNOPSIS
Gets registered COM type libraries.
.DESCRIPTION
This cmdlet gets all COM type libraries from a database.`
.PARAMETER Database
The database to use to lookup information.
.PARAMETER Iid
Get type library from an IID if that interface has a type library.
.PARAMETER Source
Specify a source where the typelib came from.
.PARAMETER TypeLibId
Specify the type library ID.
.PARAMETER Parse
Specify to parse the libraries to inspect the type information.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMTypeLibVersionEntry[]
OleViewDotNet.TypeLib.COMTypeLib
.EXAMPLE
Get-ComTypeLib
Get all COM registered type libraries.
#>

function Get-ComTypeLib {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [parameter(Mandatory, ParameterSetName = "FromIid", Position=0)]
        [Guid]$Iid,
        [parameter(Mandatory, ParameterSetName = "FromInterface")]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface,
        [parameter(Mandatory, ParameterSetName = "FromInterfaceInstance")]
        [OleViewDotNet.Database.COMInterfaceInstance]$InterfaceInstance,
        [Parameter(Mandatory, ParameterSetName = "FromSource")]
        [OleViewDotNet.Database.COMRegistryEntrySource]$Source,
        [OleViewDotNet.Database.COMRegistry]$Database,
        [parameter(Mandatory, ParameterSetName = "FromTypeLibId")]
        [Guid]$TypeLibId,
        [switch]$Parse
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    $tlbs = switch($PSCmdlet.ParameterSetName) {
        "All" {
            $Database.Typelibs.Values.Versions
        }
        "FromIid" {
            $intf = Get-ComInterface -Database $Database -Iid $Iid
            if ($null -ne $intf) {
                $intf.TypeLibVersionEntry
            }
        }
        "FromInterface" {
            Get-ComTypeLib -Iid $Interface.Iid -Database $Database
        }
        "FromInterfaceInstance" {
            Get-ComTypeLib -Iid $InterfaceInstance.Iid -Database $Database
        }
        "FromSource" {
            Get-ComTypeLib -Database $Database | Where-Object Source -eq $Source
        }
        "FromTypeLibId" {
            if ($Database.Typelibs.ContainsKey($TypeLibId)) {
                $Database.Typelibs[$TypeLibId].Versions
            }
        }
    }
    if ($Parse) {
        $tlbs | % { $_.Parse() }
    } else {
        $tlbs | Write-Output
    }
}

<#
.SYNOPSIS
Gets a .NET assembly which represents the type library.
.DESCRIPTION
This cmdlet converts a type library to a .NET assembly. This process can take a while depending on the size of the library.
.PARAMETER TypeLib
The type library version entry to convert.
.PARAMETER Path
The path to a type library to convert.
.PARAMETER NoProgress
Don't show progress during conversion.
.INPUTS
OleViewDotNet.COMTypeLibVersionEntry or string.
.OUTPUTS
System.Reflection.Assembly
.EXAMPLE
Get-ComTypeLibAssembly $typelib
Get a .NET assembly from a type library entry.
#>

function Get-ComTypeLibAssembly {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, ValueFromPipeline, ParameterSetName = "FromTypeLib", Position=0)]
        [OleViewDotNet.Database.COMTypeLibVersionEntry]$TypeLib,
        [parameter(Mandatory, ParameterSetName = "FromPath")]
        [string]$Path,
        [switch]$NoProgress
    )

    PROCESS {
        $callback = New-CallbackProgress -Activity "Converting TypeLib" -NoProgress:$NoProgress
        if ($PSCmdlet.ParameterSetName -eq "FromTypeLib") {
            [OleViewDotNet.Utilities.COMTypeCache]::LoadTypeLib($TypeLib, $callback) | Write-Output
        } else {
            [OleViewDotNet.Utilities.COMTypeCache]::LoadTypeLib($Path, $callback) | Write-Output
        }
    }
}

<#
.SYNOPSIS
Formats a COM type library.
.DESCRIPTION
This cmdlet formats a COM type library. It also supports formatting the assembly or types returns from Get-ComTypeLibAssembly.
.PARAMETER Assembly
Specify a converted COM type library assembly.
.PARAMETER InterfacesOnly
Only convert interfaces to text.
.PARAMETER Type
Specify COM type object.
.PARAMETER TypeLib
Specify a COM typelib to format.
.PARAMETER Path
The path to a type library to format.
.INPUTS
OleViewDotNet.TypeLib.COMTypeLib
System.Reflection.Assembly
System.Type
.OUTPUTS
string
.EXAMPLE
Format-ComTypeLib $typelib
Format type library.
.EXAMPLE
Format-ComTypeLib $type
Format a .NET assembly.
#>

function Format-ComTypeLib {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, ValueFromPipeline, Position=0, ParameterSetName = "FromTypeLib")]
        [OleViewDotNet.TypeLib.COMTypeLib]$TypeLib,
        [parameter(Mandatory, ValueFromPipeline, Position=0, ParameterSetName = "FromAssembly")]
        [System.Reflection.Assembly]$Assembly,
        [parameter(Mandatory, ValueFromPipeline, Position=0, ParameterSetName = "FromType")]
        [System.Type]$Type,
        [parameter(Mandatory, ParameterSetName = "FromPath")]
        [string]$Path,
        [parameter(ParameterSetName = "FromAssembly")]
        [parameter(ParameterSetName = "FromTypeLib")]
        [parameter(ParameterSetName = "FromPath")]
        [switch]$InterfacesOnly
    )

    PROCESS {
        try {
            switch($PSCmdlet.ParameterSetName) {
                "FromAssembly" {
                    ConvertTo-ComSourceCode -InputObject $Assembly -InterfacesOnly:$InterfacesOnly
                }
                "FromType" {
                    ConvertTo-ComSourceCode -InputObject $Type -InterfacesOnly:$InterfacesOnly
                }
                "FromTypeLib" {
                    ConvertTo-ComSourceCode -InputObject $TypeLib -InterfacesOnly:$InterfacesOnly
                }
                "FromPath" {
                    [OleViewDotNet.TypeLib.COMTypeLib]::FromFile($Path) | ConvertTo-ComSourceCode -InterfacesOnly:$InterfacesOnly
                }
            }
        } catch {
            Write-Error $_
        }
    }
}

<#
.SYNOPSIS
Imports a COM type library.
.DESCRIPTION
This cmdlet imports a COM type library from an external source.
.PARAMETER Path
The path to a type library to import.
.PARAMETER Object
Get from an IDispatch object.
.PARAMETER TypeLibId
Specify the type library ID.
.PARAMETER Version
Specify the type library version.
.PARAMETER LocalId
Specify the locale ID.
.PARAMETER AsObject
Returns the type library as a COM object.
.INPUTS
None
.OUTPUTS
OleViewDotNet.TypeLib.COMTypeLib
OleViewDotNet.TypeLib.Instance.COMTypeLibInstance
.EXAMPLE
Import-ComTypeLib -Path lib.tlb
Import a type library.
.EXAMPLE
Import-ComTypeLib -Path lib.tlb -Parse
Import a type library and parse it into an easier format.
#>

function Import-ComTypeLib {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0, ParameterSetName = "FromPath")]
        [string]$Path,
        [parameter(Mandatory, ParameterSetName = "FromObject")]
        [object]$Object,
        [parameter(Mandatory, ParameterSetName = "FromRegistered")]
        [guid]$TypeLibId,
        [parameter(Mandatory, ParameterSetName = "FromRegistered")]
        [OleViewDotNet.Interop.COMVersion]$Version,
        [parameter(ParameterSetName = "FromRegistered")]
        [int]$LocaleId = 0,
        [switch]$Parse
    )

    PROCESS {
        try {
            $type_lib = switch($PSCmdlet.ParameterSetName) {
                "FromPath" {
                    [OleViewDotNet.TypeLib.Instance.COMTypeLibInstance]::FromFile($Path)
                }
                "FromObject" {
                    $Object = Unwrap-ComObject $Object
                    [OleViewDotNet.TypeLib.Instance.COMTypeLibInstance]::FromObject($Object)
                }
                "FromRegistered" {
                    [OleViewDotNet.TypeLib.Instance.COMTypeLibInstance]::FromRegistered($TypeLibId, $Version, $LocaleId)
                }
            }

            if ($Parse) {
                try {
                    $type_lib.Parse()
                } 
                finally {
                    $type_lib.Dispose()
                }
            } else {
                $type_lib
            }
        } catch {
            Write-Error $_
        }
    }
}

<#
.SYNOPSIS
Formats a GUID in various formats.
.DESCRIPTION
This cmdlet formats a GUID in various formats.
.INPUTS
System.Guid
.OUTPUTS
string
.EXAMPLE
Format-ComGuid $Guid
Format a GUID to a string.
.EXAMPLE
Format-ComGuid $Guid Object
Format a GUID to a HTML object.
#>

function Format-ComGuid {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, ValueFromPipeline, Position=0)]
        [Guid]$Guid,
        [OleViewDotNet.Interop.GuidFormat]$Format = "String"
    )

    PROCESS {
        [OleViewDotNet.Utilities.MiscUtilities]::GuidToString($Guid, $Format)
    }
}

<#
.SYNOPSIS
Generate a symbol cache file for the current base DLL.
.DESCRIPTION
This cmdlet generates a symbol cache file in a specified directory. This should be copied to cached_symbols directory
in the installation to allow you to parse processes without symbols. You need to do this in both a 32 and 64 bit
process to get support for both symbols.
.PARAMETER Path
The directory where the cached symbol file will be created.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Set-ComSymbolCache .\symbol_cache
Generates a symbol cache in the "symbol_cache" directory.
#>

function Set-ComSymbolCache {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0)]
        [string]$Path
    )

    $Path = Resolve-Path $Path
    if ($null -ne $Path) {
        [OleViewDotNet.Processes.COMProcessParser]::GenerateSymbolFile($Path)
    }
}

<#
.SYNOPSIS
Creates a new OLE storage object.
.DESCRIPTION
This cmdlet creates a new OLE storage object based on a file.
.PARAMETER Path
The path to the storage object to create.
.PARAMETER Mode
The mode to use when creating the storage object.
.PARAMETER Format
The format of the storage object to create.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Utilities.StorageWrapper
.EXAMPLE
New-ComStorageObject storage.stg
Creates a new storage object.
#>

function New-ComStorageObject {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0)]
        [string]$Path,
        [OleViewDotNet.Interop.STGM]$Mode = "SHARE_EXCLUSIVE, READWRITE",
        [OleViewDotNet.Interop.STGFMT]$Format = "Storage"
    )

    $type = [OleViewDotNet.Interop.IStorage]
    $iid = $type.GUID
    $Path = Resolve-LocalPath $Path
    [OleViewDotNet.Utilities.COMUtilities]::CreateStorage($Path, $Mode, $Format)
}

<#
.SYNOPSIS
Opens an existing OLE storage object.
.DESCRIPTION
This cmdlet opens a existing OLE storage object based on a file.
.PARAMETER Path
The path to the storage object to open.
.PARAMETER Mode
The mode to use when opening the storage object.
.PARAMETER Format
The format of the storage object to open.
.PARAMETER ReadOnly
Opens storage read only. Overrides $Mode parameter.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Utilities.StorageWrapper
.EXAMPLE
Get-ComStorageObject storage.stg
Creates a new storage object.
#>

function Get-ComStorageObject {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0)]
        [string]$Path,
        [switch]$ReadOnly,
        [OleViewDotNet.Interop.STGM]$Mode = "SHARE_EXCLUSIVE, READWRITE",
        [OleViewDotNet.Interop.STGFMT]$Format = "Storage"
    )

    $type = [OleViewDotNet.Interop.IStorage]
    $iid = $type.GUID
    $Path = Resolve-LocalPath $Path
    if ($ReadOnly) {
        $Mode = "SHARE_EXCLUSIVE, READ"
    }

    [OleViewDotNet.Utilities.COMUtilities]::OpenStorage($Path, $Mode, $Format)
}

<#
.SYNOPSIS
Get COM runtime interfaces from local metadata.
.DESCRIPTION
This cmdlet gets types representing COM runtime interfaces based on a set of criteria. The default is to return all interfaces.
.PARAMETER Iid
Specify a IID to lookup.
.PARAMETER Name
Specify a name to match against the interface name.
.PARAMETER FullName
Specify a full name to match against the interface name.
.INPUTS
None
.OUTPUTS
System.Type
.EXAMPLE
Get-ComRuntimeInterface
Get all COM runtime interfaces.
.EXAMPLE
Get-ComRuntimeInterface -Iid "00000001-0000-0000-C000-000000000046"
Get COM runtime interface from an IID.
.EXAMPLE
Get-ComRuntimeInterface -Name "IBlah"
Get COM runtime interface called IBlah.
.EXAMPLE
Get-ComRuntimeInterface -FullName "App.ABC.IBlah"
Get COM runtime interface whose full name is App.ABC.IBlah.
#>

function Get-ComRuntimeInterface {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromIid", ValueFromPipelineByPropertyName)]
        [Guid]$Iid,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromFullName")]
        [string]$FullName
    )

    PROCESS {
        switch($PSCmdlet.ParameterSetName) {
            "All" {
                [OleViewDotNet.Utilities.RuntimeMetadata]::Interfaces.Values | Write-Output 
            }
            "FromName" {
                Get-ComRuntimeInterface | Where-Object Name -eq $Name | Write-Output
            }
            "FromFullName" {
                Get-ComRuntimeInterface | Where-Object FullName -eq $FullName | Write-Output
            }
            "FromIid" {
                [OleViewDotNet.Utilities.RuntimeMetadata]::Interfaces[$Iid] | Write-Output
            }
        }
    }
}

<#
.SYNOPSIS
Format COM clients as a DOT graph.
.DESCRIPTION
This cmdlet converts a set of processes with parsed clients into a DOT graph format.
.PARAMETER Process
One or more processes to format.
.PARAMETER RemoveUnknownProcess
Remove unknown processes from the graph.
.PARAMETER IncludePid
Include one or more PIDs as roots of the graph.
.PARAMETER IncludeName
Include one or more process names as roots of the graph.
.PARAMETER Path
Output the graph to a path.
.INPUTS
None
.OUTPUTS
string
.EXAMPLE
Format-ComProcessClient $ps
Format a list of processes.
.EXAMPLE
Get-ComProcess -ParseClients | Format-ComProcessClient
Format a list of processes.
#>

function Format-ComProcessClient {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Processes.COMProcessEntry[]]$Process,
        [int[]]$IncludePid,
        [string[]]$IncludeName,
        [switch]$RemoveUnknownProcess,
        [string]$Path
    )

    BEGIN {
        $builder = [OleViewDotNetPS.Utils.ComClientGraphBuilder]::new($IncludePid, $IncludeName, $RemoveUnknownProcess)
    }

    PROCESS {
        $builder.AddRange($Process)
    }

    END {
        if ("" -ne $Path) {
            $builder.ToString() | Set-Content -Path $Path
        } else {
            $builder.ToString() | Write-Output
        }
    }
}

<#
.SYNOPSIS
Get COM categories from a database.
.DESCRIPTION
This cmdlet gets the COM categories from a database.
.PARAMETER CatId
Specify a CATID to lookup.
.PARAMETER Name
Specify a name to match against the category name.
.PARAMETER Database
The COM database to use.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMCategory
.EXAMPLE
Get-ComCategory
Get all COM categories.
.EXAMPLE
Get-ComCategory -CatId "00000001-0000-0000-C000-000000000046"
Get COM category from a CATID.
.EXAMPLE
Get-ComCategory -Name "Blah"
Get the COM category with the name blah.
#>

function Get-ComCategory {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromCatId")]
        [Guid]$CatId,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    switch($PSCmdlet.ParameterSetName) {
        "All" {
            $Database.ImplementedCategories.Values | Write-Output 
        }
        "FromName" {
            Get-ComCategory | Where-Object Name -eq $Name | Write-Output
        }
        "FromCatId" {
            $Database.ImplementedCategories[$CatId] | Write-Output
        }
    }
}

<#
.SYNOPSIS
Filter COM classes based on whether they support one or more interfaces.
.DESCRIPTION
This cmdlet filters COM classes for one or more supported interfaces. This can take a very long time if the interface list needs to be queried first.
.PARAMETER InputObject
The COM class entry to filter on.
.PARAMETER Iid
Filter on an IID or list of IIDs.
.PARAMETER Name
Filter on a name or list of names.
.PARAMETER NameMatch
Filter on a partial matching name.
.PARAMETER Factory
Filter based on the factory interfaces rather than the main class interfaces.
.PARAMETER Refresh
Specify to force the interfaces to be refreshed.
.PARAMETER NoQuery
Specify to not query for the interfaces at all and only return what's already available.
.PARAMETER Exclude
Specify to return classes which do not implement one of the interfaces.
.PARAMETER NoProgress
Don't show progress for query.
.INPUTS
OleViewDotNet.Database.ICOMClassEntry
.OUTPUTS
OleViewDotNet.Database.ICOMClassEntry
.EXAMPLE
Get-ComClass | Select-ComClassInterface -Name "IDispatch"
Get all COM classes which implement IDispatch.
.EXAMPLE
Get-ComClass | Select-ComClassInterface -NameMatch "Blah"
Get all COM classes which implement an interface containing the name Blah.
.EXAMPLE
Get-ComClass | Select-ComClassInterface -Iid "00020400-0000-0000-c000-000000000046"
Get all COM classes which implement an interface with a specific IID.
.EXAMPLE
Get-ComClass | Select-ComClassInterface -Factory -Iid "00000001-0000-0000-C000-000000000046"
Get all COM classes which implement a factory interface with a specific IID.
#>

function Select-ComClassInterface {
    [CmdletBinding(DefaultParameterSetName = "FromName")]
    Param(
        [Parameter(Mandatory, Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Database.ICOMClassEntry]$InputObject,
        [Parameter(Mandatory, ParameterSetName = "FromIid")]
        [Guid[]]$Iid,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string[]]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromNameMatch")]
        [string]$NameMatch,
        [switch]$Factory,
        [switch]$Refresh,
        [switch]$NoQuery,
        [switch]$Exclude,
        [switch]$NoProgress
    )

    PROCESS {
        $result = $false
        $intfs = Get-ComClassInterface $InputObject -Factory:$Factory -Refresh:$Refresh -NoQuery:$NoQuery -NoProgress:$NoProgress
        $result = $false
        foreach($intf in $intfs) {
            switch($PSCmdlet.ParameterSetName) {
                "FromIid" {
                    $result = $intf.Iid -in $Iid
                }
                "FromName" {
                    $result = $intf.Name -in $Name
                }
                "FromNameMatch" {
                    $result = $intf.Name -match $NameMatch
                }
            }
            if ($result) {
                break
            }
        }

        if ($Exclude) {
            $result = !$result
        }

        if ($result) {
            Write-Output $InputObject
        }
    }
}

<#
.SYNOPSIS
Get Windows Runtime extensions.
.DESCRIPTION
This cmdlet gets the Windows Runtime extensions from a database.
.PARAMETER ContractId
Specify a contract ID to lookup.
.PARAMETER Launch
Only show Windows.Launch extensions.
.PARAMETER Protocol
Only show Windows.Protocol extensions. Select out the Protocol property to see the name.
.PARAMETER BackgroundTasks
Only show Windows.BackgroundTasks extensions.
.PARAMETER Database
The COM database to use.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMRuntimeExtensionEntry
.EXAMPLE
Get-ComRuntimeExtension
Get all Windows Runtime extensions.
.EXAMPLE
Get-ComRuntimeExtension -ContractId "Windows.Protocol"
Get Windows Runtime extensions with contract ID of Windows.Protocol.
.EXAMPLE
Get-ComRuntimeExtension -Launch
Get Windows Runtime extensions with contract ID of Windows.Launch.
.EXAMPLE
Get-ComRuntimeExtension -Protocol
Get Windows Runtime extensions with contract ID of Windows.Protocol.
.EXAMPLE
Get-ComRuntimeExtension -BackgroundTasks
Get Windows Runtime extensions with contract ID of Windows.BackgroundTasks.
#>

function Get-ComRuntimeExtension {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromCategoryId")]
        [string]$ContractId,
        [Parameter(Mandatory, ParameterSetName = "FromLaunch")]
        [switch]$Launch,
        [Parameter(Mandatory, ParameterSetName = "FromProtocol")]
        [switch]$Protocol,
        [Parameter(Mandatory, ParameterSetName = "FromBackgroundTasks")]
        [switch]$BackgroundTasks,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    switch($PSCmdlet.ParameterSetName) {
        "All" {
            $Database.RuntimeExtensions | Write-Output 
        }
        "FromCategoryId" {
            $Database.RuntimeExtensionsByContractId[$ContractId] | Write-Output
        }
        "FromLaunch" {
            $Database.RuntimeExtensionsByContractId["Windows.Launch"] | Write-Output
        }
        "FromProtocol" {
            $Database.RuntimeExtensionsByContractId["Windows.Protocol"] | Write-Output
        }
        "FromBackgroundTasks" {
            $Database.RuntimeExtensionsByContractId["Windows.BackgroundTasks"] | Write-Output
        }
    }
}

<#
.SYNOPSIS
Start a Windows Runtime extension.
.DESCRIPTION
This cmdlet starts a Windows Runtime extension and returns a reference to the COM interface.
.PARAMETER ContractId
Specify a contract ID to start.
.PARAMETER PackageId
Specify a package ID to start.
.PARAMETER AppId
Specify an AppId to start.
.PARAMETER Extension
Specify an extension to start.
.PARAMETER UseExistingHostId
Use an existing host ID for the activation. A hosted application in the same package must be running.
.PARAMETER HostId
Specify the host ID to use for the activation.
.PARAMETER NoWrapper
Don't wrap object in a callable wrapper.
.INPUTS
OleViewDotNet.Database.COMRuntimeExtensionEntry
.OUTPUTS
COM object instance.
.EXAMPLE
Start-ComRuntimeExtension $Extension
Start a runtime extension from an extension object.
.EXAMPLE
Get-ComRuntimeExtension -ContractId "Windows.Protocol" -PackageId "Pkg_1.0.0.0_xxxx" -AppId App
Start a runtime extension from parts.
.EXAMPLE
Start-ComRuntimeExtension $Extension -UseExistingHostId
Start a runtime extension from an extension object using an existing host ID.
.EXAMPLE
Start-ComRuntimeExtension $Extension -HostId 1234
Start a runtime extension from an extension object using an specific host ID.
#>

function Start-ComRuntimeExtension {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0, ParameterSetName = "FromParts")]
        [string]$ContractId,
        [parameter(Mandatory, Position = 1, ParameterSetName = "FromParts")]
        [string]$PackageId,
        [parameter(Mandatory, Position = 2, ParameterSetName = "FromParts")]
        [string]$AppId,
        [parameter(Mandatory, Position = 0, ParameterSetName = "FromExtension", ValueFromPipeline)]
        [OleViewDotNet.Database.COMRuntimeExtensionEntry]$Extension,
        [switch]$UseExistingHostId,
        [int64]$HostId,
        [switch]$NoWrapper
    )

    PROCESS {
        try
        {
            switch($PSCmdlet.ParameterSetName) {
                "FromParts" {
                    $act = [OleViewDotNet.Utilities.RuntimeExtensionActivator]::new($ContractId, 
                            $PackageId, $AppId)
                }
                "FromExtension" {
                    $act = [OleViewDotNet.Utilities.RuntimeExtensionActivator]::new($Extension)
                }
            }
            
            if ($UseExistingHostId) {
                $act.UseExistingHostId()
            } else {
                $act.HostId = $HostId
            }
            $obj = $act.Activate()
            if ($null -ne $obj) {
                $type = [OleViewDotNet.Interop.IUnknown]
                Wrap-ComObject $obj -Type $type -NoWrapper:$NoWrapper | Write-Output
            }
        }
        catch
        {
            Write-Error $_
        }
    }
}

<#
.SYNOPSIS
Get COM MIME types.
.DESCRIPTION
This cmdlet gets the COM mime types from a database.
.PARAMETER MimeType
Specify the name of a MIME type to lookup.
.PARAMETER Extension
Specify the file extension of a MIME type to lookup, can have a period or not.
.PARAMETER Database
The COM database to use.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMMimeType
.EXAMPLE
Get-ComMimeType
Get all COM MIME types from the current database.
.EXAMPLE
Get-ComMimeType -MimeType "application/xml"
Get the COM MIME type with the name application/xml.
.EXAMPLE
Get-ComMimeType -Extension xml
Get the COM MIME type with the extension xml.
#>

function Get-ComMimeType {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromMimeType")]
        [string]$MimeType,
        [Parameter(Mandatory, ParameterSetName = "FromExtension")]
        [string]$Extension,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }

    switch($PSCmdlet.ParameterSetName) {
        "All" {
            $Database.MimeTypes | Write-Output 
        }
        "FromMimeType" {
            $Database.MimeTypes | Where-Object MimeType -eq $MimeType | Write-Output
        }
        "FromExtension" {
            if (!$Extension.StartsWith(".")) {
                $Extension = "." + $Extension
            }
            $Database.MimeTypes | Where-Object Extension -eq $Extension | Write-Output
        }
    }
}

<#
.SYNOPSIS
Get COM ProgIDs from a database.
.DESCRIPTION
This cmdlet gets COM ProgIDs from the database based on a set of criteria. The default is to return all registered ProgIds.
.PARAMETER Database
The database to use.
.PARAMETER ProgId
Specify a ProgID to lookup.
.PARAMETER Name
Specify a name to match against the ProgId name.
.PARAMETER Source
Specify a source where the ProgID came from.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Database.COMProgIDEntry
.EXAMPLE
Get-ComProgId
Get all COM ProgIds from the current database.
#>

function Get-ComProgId {
    [CmdletBinding(DefaultParameterSetName = "All")]
    Param(
        [OleViewDotNet.Database.COMRegistry]$Database,
        [Parameter(Position = 0, Mandatory, ParameterSetName = "FromProgId")]
        [string]$ProgId,
        [Parameter(Mandatory, ParameterSetName = "FromName")]
        [string]$Name,
        [Parameter(Mandatory, ParameterSetName = "FromSource")]
        [OleViewDotNet.Database.COMRegistryEntrySource]$Source
    )
    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    switch($PSCmdlet.ParameterSetName) {
        "All" {
            Write-Output $Database.Progids.Values
        }
        "FromProgId" {
            Write-Output $Database.Progids[$ProgId]
        }
        "FromName" {
            Get-ComProgId -Database $Database | Where-Object Name -Match $Name | Write-Output
        }
        "FromSource" {
            Get-ComProgId -Database $Database | Where-Object Source -eq $Source | Write-Output
        }
    }
}

<#
.SYNOPSIS
Converts a type library to a .NET assembly.
.DESCRIPTION
This cmdlet converts a type library to a .NET assembly. This assembly can then be used to
access COM interfaces. The assembly will be automatically registered with the applications so that you can use it with
Get-ComObjectInterface.
.PARAMETER TypeLib
The type library version entry to convert.
.PARAMETER Path
The path to a type library to convert.
.PARAMETER NoProgress
Don't show progress during conversion.
.INPUTS
None
.OUTPUTS
System.Reflection.Assembly
#>

function ConvertTo-ComAssembly {
    [CmdletBinding(DefaultParameterSetName="FromTypeLib")]
    Param(
        [parameter(Mandatory, ParameterSetName = "FromTypeLib", Position = 0)]
        [OleViewDotNet.Database.COMTypeLibVersionEntry]$TypeLib,
        [parameter(Mandatory, ParameterSetName = "FromPath", Position = 0)]
        [string]$Path,
        [switch]$NoProgress
    )

    PROCESS {
        $callback = New-CallbackProgress -Activity "Converting to Assembly" -NoProgress:$NoProgress
        switch($PSCmdlet.ParameterSetName) {
            "FromTypeLib" {
                Get-ComTypeLibAssembly -TypeLib $TypeLib -NoProgress:$NoProgress | Write-Output
            }
            "FromPath" {
                Get-ComTypeLibAssembly -Path $TypeLib -NoProgress:$NoProgress | Write-Output
            }
        }
    }
}

<#
.SYNOPSIS
Converts various input formats into a GUID.
.DESCRIPTION
This cmdlet converts various input formats into a GUID structure.
.PARAMETER ComGuid
Get GUIDs from database objects.
.PARAMETER Bytes
Convert from a 16 byte array.
.PARAMETER Ints
Convert from a 4 integer array.
.INPUTS
None
.OUTPUTS
System.Guid
#>

function Get-ComGuid {
    [CmdletBinding(DefaultParameterSetName="FromComGuid")]
    Param(
        [parameter(Mandatory, ParameterSetName = "FromComGuid", Position = 0, ValueFromPipeline)]
        [OleViewDotNet.Utilities.ICOMGuid[]]$ComGuid,
        [parameter(Mandatory, ParameterSetName = "FromBytes")]
        [byte[]]$Bytes,
        [parameter(Mandatory, ParameterSetName = "FromInts")]
        [int[]]$Ints
    )

    PROCESS {
        switch($PSCmdlet.ParameterSetName) {
            "FromBytes" {
                [guid]::new($Bytes) | Write-Output
            }
            "FromInts" {
                [OleViewDotNetPS.Utils.PowerShellUtils]::GuidFromInts($Ints) | Write-Output
            }
            "FromComGuid" {
                foreach($obj in $Object) {
                    $Object.ComGuid | Write-Output
                }
            }
        }
    }
}

<#
.SYNOPSIS
Tests if an object supports an interface.
.DESCRIPTION
This cmdlet queries a COM object for a specified interface.
.PARAMETER Iid
The IID of the interface.
.PARAMETER Interface
A COM interface entry.
.PARAMETER Object
The object to query.
.INPUTS
None
.OUTPUTS
Boolean
#>

function Test-ComInterface {
    [CmdletBinding(DefaultParameterSetName="FromIid")]
    Param(
        [parameter(Mandatory, ParameterSetName = "FromIid", Position = 0)]
        [Guid]$Iid,
        [parameter(Mandatory, Position=1)]
        [object]$Object,
        [parameter(Mandatory, ParameterSetName = "FromIntf", Position = 0)]
        [OleViewDotNet.Database.COMInterfaceEntry]$Interface
    )

    if($PSCmdlet.ParameterSetName -eq "FromIid") {
        $Interface = Get-ComInterface -Iid $Iid -AllowNoReg
    }

    $Object = Unwrap-ComObject -Object $Object

    return $Interface.TestInterface($Object)
}

<#
.SYNOPSIS
Views a COM security descriptor.
.DESCRIPTION
This cmdlet opens a viewer for a COM security descriptor.
.PARAMETER SecurityDescriptor
The security descriptor to view in SDDL format.
.PARAMETER ShowAccess
Show access rights rather than launch rights.
.PARAMETER InputObject
Shows the security descriptor for a database object.
.PARAMETER Default
Shows the default security descriptor for the specified database.
.PARAMETER RuntimeDefault
Shows the default security descriptor for the Windows Runtime Broker.
.PARAMETER Restriction
Shows the security descriptor restriction for the specified database.
.PARAMETER Database
Specify the database for showing the default or restriction security descriptors.
.PARAMETER SdkName
Specify to format the security descriptor with SDK style names.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Format-ComSecurityDescriptor $obj
Format a launch security descriptor from an object.
.EXAMPLE
Format-ComSecurityDescriptor $obj -ShowAccess
Format an access security descriptor from an object.
.EXAMPLE
Format-ComSecurityDescriptor -SecurityDescriptor "D:(A;;GA;;;WD)"
Format a SDDL launch security descriptor.
.EXAMPLE
Format-ComSecurityDescriptor -SecurityDescriptor "D:(A;;GA;;;WD)" -ShowAccess
Format a SDDL access security descriptor.
.EXAMPLE
Format-ComSecurityDescriptor -Default
Format the default launch security descriptor for the current database.
.EXAMPLE
Format-ComSecurityDescriptor -Default -ShowAccess
Format the default access security descriptor for the current database.
.EXAMPLE
Format-ComSecurityDescriptor -Restriction
Format the launch security descriptor restriction for the current database.
.EXAMPLE
Format-ComSecurityDescriptor -Restriction -ShowAccess
Format the access security descriptor restriction for the current database.
#>

function Format-ComSecurityDescriptor {
    [CmdletBinding(DefaultParameterSetName="FromObject")]
    Param(
        [Parameter(Mandatory, ParameterSetName = "FromSddl")]
        [OleViewDotNet.Security.COMSecurityDescriptor]$SecurityDescriptor,
        [Parameter(Mandatory, Position = 0, ValueFromPipeline, ParameterSetName = "FromObject")]
        [OleViewDotNet.Security.ICOMAccessSecurity]$InputObject,
        [Parameter(Mandatory, ParameterSetName = "FromRestriction")]
        [switch]$Restriction,
        [Parameter(Mandatory, ParameterSetName = "FromDefault")]
        [switch]$Default,
        [Parameter(Mandatory, ParameterSetName = "FromRuntimeDefault")]
        [switch]$RuntimeDefault,
        [Parameter(ParameterSetName = "FromRestriction")]
        [Parameter(ParameterSetName = "FromDefault")]
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$ShowAccess,
        [switch]$SdkName
    )

    PROCESS {
        if ($PSCmdlet.ParameterSetName -eq "FromRestriction" -or $PSCmdlet.ParameterSetName -eq "FromDefault") {
            $Database = Get-CurrentComDatabase $Database
            if ($null -eq $Database) {
                Write-Error "No database specified and current database isn't set"
                return
            }
        }

        try {
            $name = ""
            switch($PSCmdlet.ParameterSetName) {
                "FromSddl" {
                    # Do nothing.
                }
                "FromObject" {
                    $name = $InputObject.Name
                    if ($ShowAccess) {
                        $SecurityDescriptor = [OleViewDotNet.Security.COMSecurity]::GetAccessPermission($InputObject)
                    } else {
                        $SecurityDescriptor = [OleViewDotNet.Security.COMSecurity]::GetLaunchPermission($InputObject)
                    }
                }
                "FromDefault" {
                    $name = "Default"
                    if ($ShowAccess) {
                        $SecurityDescriptor = $Database.DefaultAccessPermission
                    } else {
                        $SecurityDescriptor = $Database.DefaultLaunchPermission
                    }
                }
                "FromRestriction" {
                    $name = "Restriction"
                    if ($ShowAccess) {
                        $SecurityDescriptor = $Database.DefaultAccessRestriction
                    } else {
                        $SecurityDescriptor = $Database.DefaultLaunchRestriction
                    }
                }
                "FromRuntimeDefault" {
                    $SecurityDescriptor = [OleViewDotNet.Database.COMRuntimeClassEntry]::DefaultActivationPermission
                }
            }

            if ("" -ne $name) {
                "Name : $name"
                if ($ShowAccess) {
                    "Type : Access"
                } else {
                    "Type : Launch/Activate"
                }
            }
            [OleViewDotNetPS.Utils.PowerShellUtils]::FormatSecurityDescriptor($SecurityDescriptor, $SdkName)
        } catch {
            Write-Error $_
        }
    }
}

<#
.SYNOPSIS
Exports interface name cache list to a file.
.DESCRIPTION
This cmdlet exports an interface name cache list to a file.
.PARAMETER Path
The path to the file to export to.
.INPUTS
None
.OUTPUTS
None
#>

function Export-ComInterfaceNameCache {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position = 0)]
        [string]$Path,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    $Database = Get-CurrentComDatabase $Database
    if ($null -eq $Database) {
        Write-Error "No database specified and current database isn't set"
        return
    }
    $writer = [System.IO.StringWriter]::new()
    $Database.ExportIidNameCache($writer)
    $writer.ToString() | Set-Content -Path $Path
}

<#
.SYNOPSIS
Gets an access token for COM access checking.
.DESCRIPTION
This cmdlet gets an access token from various sources.
.PARAMETER ProcessId
Get the token from a process.
.PARAMETER Anonymous
Get the anonymous token.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Security.COMAccessToken
#>

function Get-ComAccessToken {
    [CmdletBinding(DefaultParameterSetName="FromProcessId")]
    Param(
        [parameter(ParameterSetName = "FromProcessId", Position = 0)]
        [int]$ProcessId = $pid,
        [parameter(Mandatory, ParameterSetName = "FromAnonymous")]
        [switch]$Anonymous,
        [parameter(ParameterSetName = "FromFiltered")]
        [OleViewDotNet.Security.COMAccessToken]$BaseToken,
        [parameter(ParameterSetName = "FromFiltered")]
        [OleViewDotNet.Security.COMSid[]]$SidsToDisable,
        [parameter(ParameterSetName = "FromFiltered")]
        [OleViewDotNet.Security.COMSid[]]$RestrictedSids,
        [parameter(ParameterSetName = "FromFiltered")]
        [switch]$LuaToken,
        [parameter(ParameterSetName = "FromFiltered")]
        [switch]$DisableMaxPrivileges,
        [parameter(ParameterSetName = "FromFiltered")]
        [switch]$WriteRestricted,
        [parameter(ParameterSetName = "FromFiltered")]
        [switch]$LowIntegrityLevel,
        [parameter(Mandatory, ParameterSetName = "FromLogon")]
        [parameter(Mandatory, ParameterSetName = "FromS4U")]
        [OleViewDotNet.Security.COMCredentials]$Credentials,
        [parameter(ParameterSetName = "FromLogon")]
        [parameter(ParameterSetName = "FromS4U")]
        [OleViewDotNet.Security.TokenLogonType]$LogonType = "Network",
        [parameter(Mandatory, ParameterSetName = "FromS4U")]
        [switch]$S4U
    )

    switch($PSCmdlet.ParameterSetName) {
        "FromProcessId" {
            [OleViewDotNet.Security.COMAccessToken]::FromProcess($ProcessId)
        }
        "FromAnonymous" {
            [OleViewDotNet.Security.COMAccessToken]::GetAnonymous()
        }
        "FromFiltered" {
            $token = [OleViewDotNet.Security.COMAccessToken]::GetFiltered($BaseToken, $LuaToken, `
                $DisableMaxPrivileges, $WriteRestricted, $SidsToDisable, $RestrictedSids)
            if ($LowIntegrityLevel) {
                $token.SetLowIntegrityLevel();
            }
            $token
        }
        "FromLogon" {
            [OleViewDotNet.Security.COMAccessToken]::Logon($Credentials, $LogonType)
        }
        "FromS4U" {
            [OleViewDotNet.Security.COMAccessToken]::LogonS4U($Credentials, $LogonType)
        }
    }
}

<#
.SYNOPSIS
Gets credentials.
.DESCRIPTION
This cmdlet gets a set of user credentials from the console.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Security.COMCredentials
#>

function Get-ComCredential {
    $creds = [OleViewDotNet.Security.COMCredentials]::new()
    $creds.UserName = Read-Host -Prompt "UserName"
    $creds.Domain = Read-Host -Prompt "Domain"
    $creds.Password = Read-Host -AsSecureString -Prompt "Password"
    $creds
}

<#
.SYNOPSIS
Converts a database or related object into source code.
.DESCRIPTION
This cmdlet converts database or related object into source code.
.PARAMETER InputObject
The input object to convert.
.PARAMETER HideComments
Specify to hide comments from the output.
.PARAMETER InterfacesOnly
Specify to only output interfaces and class definitions, not other types.
.PARAMETER OutputType
Specify the output source code format. Only applies to formatting proxy objects.
.PARAMETER Parse
Specify to try and parse the object's source code before formatting.
.INPUTS
OleViewDotNet.Utilities.Format.ICOMSourceCodeFormattable
.OUTPUTS
string
.EXAMPLE
ConvertTo-ComSourceCode $obj
Convert a COM object to source code.
.EXAMPLE
ConvertTo-ComSourceCode $obj -HideComments
Convert a COM object to source code hiding comments.
#>

function ConvertTo-ComSourceCode {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position=0, ValueFromPipeline)]
        $InputObject,
        [switch]$HideComments,
        [switch]$InterfacesOnly,
        [OleViewDotNet.Utilities.Format.COMSourceCodeBuilderType]$OutputType = "Idl",
        [OleViewDotNet.Database.COMRegistry]$Database,
        [switch]$Parse
    )
    BEGIN {
        $Database = Get-CurrentComDatabase $Database
        if ($null -eq $Database) {
            throw "No database specified and current database isn't set"
        }

        $builder = [OleViewDotNet.Utilities.Format.COMSourceCodeBuilder]::new($Database)
        $builder.HideComments = $HideComments
        $builder.InterfacesOnly = $InterfacesOnly
        $builder.OutputType = $OutputType
    }

    PROCESS {
        try {
            $builder.AppendObject($InputObject, $Parse)
        } catch {
            Write-Error $_
        }
    }

    END {
        $builder.ToString()
    }
}

<#
.SYNOPSIS
Gets a COM authentication info structure.
.DESCRIPTION
This cmdlet gets a COM authentication info structure to connect to a remote server.
.PARAMETER InputObject
The input object to convert.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Security.COMAuthInfo
#>

function Get-ComAuthInfo {
    [CmdletBinding()]
    Param(
        [OleViewDotNet.Marshaling.RpcAuthnService]$AuthnSvc = "WinNT",
        [string]$ServerPrincName,
        [OleViewDotNet.Interop.RPC_AUTHN_LEVEL]$AuthnLevel = "PKT_PRIVACY",
        [OleViewDotNet.Interop.RPC_IMP_LEVEL]$ImpLevel = "IMPERSONATE",
        [OleViewDotNet.Interop.RPC_C_QOS_CAPABILITIES]$Capabilities = 0,
        [OleViewDotNet.Security.COMCredentials]$AuthIdentityData
    )

    $auth_info = [OleViewDotNet.Security.COMAuthInfo]::new()
    $auth_info.AuthnSvc = $AuthnSvc
    $auth_info.ServerPrincName = $ServerPrincName
    $auth_info.AuthnLevel = $AuthnLevel
    $auth_info.ImpersonationLevel = $ImpLevel
    $auth_info.Capabilities = $Capabilities
    $auth_info.AuthIdentityData = $AuthIdentityData
    $auth_info
}

<#
.SYNOPSIS
Gets a connected RPC client for this COM object.
.DESCRIPTION
This cmdlet parses the COM proxy information for an interface and build an RPC client to call methods on the object.
.PARAMETER Object
The COM object to call.
.PARAMETER Iid
A COM IID which is being proxied.
.OUTPUTS
The RPC client.
#>

function Get-ComRpcClient {
    [CmdletBinding(DefaultParameterSetName = "FromObject")]
    Param(
        [parameter(Mandatory, Position=0, ParameterSetName="FromObject")]
        $Object,
        [parameter(Mandatory, Position=1)]
        [Guid]$Iid,
        [OleViewDotNet.Database.COMRegistry]$Database
    )

    try {
        $proxy = Get-ComProxy -Iid $Iid -Database $Database
        $rem = [OleViewDotNet.Rpc.COMOxidResolver]::GetRemoteObject($Object)
        $client = $rem.CreateClient($proxy, $true)
        $rem.Dispose()
        $client
    } catch {
        Write-Error $_
    }
}

<#
.SYNOPSIS
Gets a COM standard activator object.
.DESCRIPTION
This cmdlet gets a new COM standard activator object.
.OUTPUTS
OleViewDotNet.Utilities.COMStandardActivator
#>

function New-ComStandardActivator {
    [OleViewDotNet.Utilities.COMStandardActivator]::new()
}

<#
.SYNOPSIS
Gets a connected COM activator for this client.
.DESCRIPTION
This cmdlet creates and connects a COM activator client. This can either be local or remote.
.PARAMETER Hostname
The hostname to connect to.
.OUTPUTS
OleViewDotNet.Rpc.COMActivator
#>

function New-ComActivator {
    [CmdletBinding(DefaultParameterSetName = "LocalActivator")]
    Param(
        [parameter(Mandatory, Position=0, ParameterSetName="RemoteActivator")]
        [string]$Hostname
    )

    if ($PSCmdlet.ParameterSetName -eq "RemoteActivator") {
        [OleViewDotNet.Rpc.COMActivator]::Connect($Hostname)
    } else {
        [OleViewDotNet.Rpc.COMActivator]::Connect()
    }
}

<#
.SYNOPSIS
Creates a new activation properties in structure to send to a COM activator.
.DESCRIPTION
This cmdlet creates a new activation properties in structure to send to a COM activator.
.PARAMETER Clsid
Specify the clsid for initialization.
.PARAMETER ClassContext
Specify the class context.
.PARAMETER ActivationFlags
Specify activation flags.
.PARAMETER InitLocalScmRequestInfo
Specify to intialize the SCM request for a local call. Needs symbols configured.
.PARAMETER Iid
Specify a list of IIDs to request.
.OUTPUTS
OleViewDotNet.Rpc.ActivationProperties.ActivationPropertiesIn
#>

function New-ComActivationProperties {
    [CmdletBinding(DefaultParameterSetName = "Default")]
    Param(
        [parameter(ParameterSetName="FromClsid")]
        [Guid]$Clsid = [guid]::Empty,
        [Parameter(ParameterSetName = "FromClsid")]
        [OleViewDotNet.Interop.CLSCTX]$ClassContext = "LOCAL_SERVER",
        [Parameter(ParameterSetName = "FromClsid")]
        [OleViewDotNet.Rpc.ActivationProperties.ActivationFlags]$ActivationFlags = 0,
        [Parameter(ParameterSetName = "FromClsid")]
        [switch]$InitLocalScmRequestInfo,
        [Parameter(ParameterSetName = "FromClsid")]
        [guid[]]$Iid = @()
    )

    $props = [OleViewDotNet.Rpc.ActivationProperties.ActivationPropertiesIn]::new()
    if ($PSCmdlet.ParameterSetName -eq "FromClsid") {
        $props.SetClass($Clsid, $ClassContext)
        $props.SetActivationFlags($ActivationFlags)
        $props.AddIids($Iid)
        if ($InitLocalScmRequestInfo) {
            $props.ScmRequestInfo.SetPrivateScmInfoFromCurrentProcess()
        }
    }
    $props
}

<#
.SYNOPSIS
Gets a COM proxy name information.
.DESCRIPTION
This cmdlet gets a COM proxy's names as an XML or JSON file so that you then can be edited.
.PARAMETER Proxy
The proxy get the names for.
.PARAMETER AsObject
Return the name information as an object.
.PARAMETER Format
Specify the output format of XML or JSON.
.INPUTS
None
.OUTPUTS
string
OleViewDotNet.Proxy.Editor.COMProxyInterfaceNameData
.EXAMPLE
Get-ComProxyName $proxy
Get COM proxy names as XML.
.EXAMPLE
Get-ComProxyName $proxy -Format Json
Get COM proxy names as JSON.
.EXAMPLE
Get-ComProxyName $proxy -AsObject
Get COM proxy names as an object.
#>

function Get-ComProxyName {
    [CmdletBinding(DefaultParameterSetName="AsString")]
    Param(
        [parameter(Mandatory, Position=0)]
        [OleViewDotNet.Proxy.COMProxyInterface]$Proxy,
        [parameter(Mandatory, ParameterSetName = "AsObject")]
        [switch]$AsObject,
        [parameter(ParameterSetName = "AsString")]
        [parameter(ParameterSetName = "ToFile")]
        [OleViewDotNet.Proxy.Editor.COMProxyInterfaceNameDataExportFormat]$Format = "Xml"
    )

    switch($PSCmdlet.ParameterSetName) {
        "AsString" {
            $Proxy.GetNames().Export($Format)
        }
        "AsObject" {
            $Proxy.GetNames()
        }
    }
}

<#
.SYNOPSIS
Set a COM proxy name information.
.DESCRIPTION
This cmdlet sets a COM proxy's names from an XML/JSON file or object so that you then can be edited.
.PARAMETER Proxy
The proxy entry to set.
.PARAMETER Name
The proxy name information. Can be an object or an XML or JSON document string.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Set-ComProxyName $proxy "<...>"
Set COM proxy names from XML.
.EXAMPLE
Set-ComProxyName $proxy $name
Set COM proxy names from an object.
#>

function Set-ComProxyName {
    [CmdletBinding(DefaultParameterSetName="FromObject")]
    Param(
        [parameter(Mandatory, Position=0)]
        [OleViewDotNet.Proxy.COMProxyInterface]$Proxy,
        [parameter(Mandatory, Position=1, ParameterSetName = "FromObject")]
        [OleViewDotNet.Proxy.Editor.COMProxyInterfaceNameData]$Name
    )

    $n = switch($PSCmdlet.ParameterSetName) {
        "FromObject" {
            $Name
        }
    }

    $Proxy.UpdateNames($n)
}

<#
.SYNOPSIS
Exports a COM proxy's name information.
.DESCRIPTION
This cmdlet exports a COM proxy's names as an XML or JSON file so that you then can be edited.
.PARAMETER Proxy
The proxy get the names for.
.PARAMETER Path
The path to write to.
.PARAMETER Format
The format of the exported file.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Export-ComProxyName $proxy -Path output.xml
Export COM proxy names as XML.
.EXAMPLE
Export-ComProxyName $proxy -Format Json -Path output.json
Export COM proxy names as JSON.
#>

function Export-ComProxyName {
    [CmdletBinding(DefaultParameterSetName="ToFile")]
    Param(
        [parameter(Mandatory, Position=0)]
        [OleViewDotNet.Proxy.COMProxyInterface]$Proxy,
        [parameter(ParameterSetName = "ToFile")]
        [string]$Path,
        [parameter(ParameterSetName = "ToFile")]
        [OleViewDotNet.Proxy.Editor.COMProxyInterfaceNameDataExportFormat]$Format = "Xml",
        [parameter(ParameterSetName = "ToCache")]
        [switch]$ToCache
    )

    switch($PSCmdlet.ParameterSetName) {
        "ToFile" {
            $Proxy.GetNames().Export($Format) | Set-Content -Path $Path
        }
        "ToCache" {
            $Proxy.GetNames().SaveToCache()
        }
    }
}

<#
.SYNOPSIS
Imports a COM proxy's name information.
.DESCRIPTION
This cmdlet import a COM proxy's names as an XML or JSON file so that you then can be edited.
.PARAMETER Path
The path to read from.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Import-ComProxyName -Proxy $proxy -Path output.xml
Import COM proxy names from XML.
.EXAMPLE
Import-ComProxyName $proxy -FromCache
Import COM proxy names from cache.
#>

function Import-ComProxyName {
    [CmdletBinding(DefaultParameterSetName="FromFile")]
    Param(
        [parameter(Mandatory, Position=0)]
        [OleViewDotNet.Proxy.COMProxyInterface]$Proxy,
        [parameter(ParameterSetName = "FromFile")]
        [string]$Path,
        [parameter(Mandatory, ParameterSetName = "FromCache")]
        [switch]$FromCache
    )

    try
    {
        $names = switch($PSCmdlet.ParameterSetName) {
            "FromFile" {
                Get-Content -Path $Path | Out-String
            }
            "FromCache" {
                [OleViewDotNet.Proxy.Editor.COMProxyInterfaceNameData]::LoadFromCache($Proxy.Iid)
            }
        }
        Set-ComProxyName -Proxy $proxy -Name $names
    }
    catch
    {
        Write-Error $_
    }
}

<#
.SYNOPSIS
Get a COM runtime type from an interface or class.
.DESCRIPTION
This cmdlet gets a COM runtime type from an interface or class.
.PARAMETER InputObject
The object to query.
.INPUTS
None
.OUTPUTS
System.Type
.EXAMPLE
Get-ComRuntimeType $intf
Get the runtime type from an interface.
#>

function Get-ComRuntimeType {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position=0, ValueFromPipeline)]
        [OleViewDotNet.DataBase.ICOMRuntimeType]$InputObject
    )

    PROCESS {
        if ($InputObject.HasRuntimeType) {
            $InputObject.GetRuntimeType()
        }
    }
}

<#
.SYNOPSIS
Edit a source code object.
.DESCRIPTION
This cmdlet allows you to edit a source code object such as a proxy.
.PARAMETER Proxy
The proxy to edit.
.INPUTS
None
.OUTPUTS
None
.EXAMPLE
Edit-ComSourceCode $proxy
Edit a COM proxy.
#>

function Edit-ComSourceCode {
    [CmdletBinding()]
    Param(
        [parameter(Mandatory, Position=0)]
        [OleViewDotNet.Utilities.Format.ICOMSourceCodeEditable]$InputObject
    )

    $frm = [OleViewDotNet.Forms.EditSourceCodeForm]::new($InputObject)
    $frm.ShowDialog() | Out-Null
    $frm.Dispose()
}

<#
.SYNOPSIS
Get list of registered objects in the ROT.
.DESCRIPTION
This cmdlet gets the list of registered objects in the ROT.
.PARAMETER TrustedOnly
Only show trusted entries.
.INPUTS
None
.OUTPUTS
OleViewDotNet.Utilities.COMRunningObjectTableEntry[]
.EXAMPLE
Get-ComRunningObjectTable
Get the list of registered objects in the ROT.
#>

function Get-ComRunningObjectTable {
    Param(
        [switch]$TrustedOnly
    )

    [OleViewDotNet.Utilities.COMRunningObjectTable]::EnumRunning($TrustedOnly) | Write-Output
}

<#
.SYNOPSIS
Get a COM running object.
.DESCRIPTION
This cmdlet gets a COM running object from a display name or entry.
.PARAMETER Entry
The entry to get the object from.
.PARAMETER Name
The name of the object.
.PARAMETER TrustedOnly
Only get from trusted list.
.PARAMETER Iid
Specify the wrapping IID.
.PARAMETER NoWrapper
Specify to return an unwrapped object.
.INPUTS
None
.OUTPUTS
object
.EXAMPLE
Get-ComRunnigObject -Name "clsid:ABC"
Get the running object for a name.
#>

function Get-ComRunningObject {
    [CmdletBinding(DefaultParameterSetName="FromName")]
    Param(
        [parameter(Mandatory, Position=0, ParameterSetName="FromName")]
        [string]$Name,
        [parameter(ParameterSetName="FromName")]
        [switch]$TrustedOnly,
        [parameter(Mandatory, Position=0, ValueFromPipeline, ParameterSetName="FromEntry")]
        [OleViewDotNet.Utilities.COMRunningObjectTableEntry]$Entry,
        [Guid]$Iid = "00000000-0000-0000-C000-000000000046",
        [switch]$NoWrapper
    )

    PROCESS {
        $obj = switch($PSCmdlet.ParameterSetName) {
            "FromName" {
                [OleViewDotNet.Utilities.COMRunningObjectTable]::GetObject($Name, $TrustedOnly)
            }
            "FromEntry" {
                $Entry.GetObject()
            }
        }
        Wrap-ComObject -Object $obj -Iid $Iid -NoWrapper:$NoWrapper
    }
}