How get function address if i have lpBase Of Dll ?

DOS386 wrote:

search for "noimport" http://board.flatassembler.net/topic.php?t=7718

A bit off topic but that code snippet isn't the best. I hate it when the first thing a program does is use a stupid loop to get the base address of kernel32.dll. You can do it in two instructions and it works on all Windows platforms as far as I have tested! When the loader calls your entry point eax is a pointer inside kernel32.dll that is just a single page away from the base of kernel32.dll which is page aligned Smile

(another cool trick is that ebx is loaded with the address to the PEB when the loader calls the entry point)

Code:

xor      ax, ax      ; align eax pointer to page boundaries
sub     eax, 10000h  ; roll back a page. eax is now equal to kernel32.dll base

Anyway... it utilizes a lot of registers but this is something that I wrote that was the first thing my program did so I didn't need them for anything else yet Smile

Code:

;; Assuming that eax contains the pointer to the DOS header of the module
mov     ebx, eax            ; ebx = k32 base addr
mov     edx, eax
add     eax, [eax + 3Ch]    ; eax = ptr to pe header
add     edx, [eax + 78h]    ; edx = ptr to data directory
mov     ecx, [edx + 18h]    ; ecx = number of function names
mov     eax, [edx + 1Ch]
add     eax, ebx            ; eax = address of functions
mov     edx, [edx + 20h]
add     edx, ebx            ; edx = address of names

It's easy from there just google about the export table!

also its my first post ;o