flat assembler
Message board for the users of flat assembler.
Index
> Windows > How get function address if i have lpBase Of Dll ? |
Author |
|
DOS386 11 Nov 2014, 17:27
search for "noimport" http://board.flatassembler.net/topic.php?t=7718
|
|||
11 Nov 2014, 17:27 |
|
lucifer 24 Nov 2014, 02:46
DOS386 wrote: search for "noimport" http://board.flatassembler.net/topic.php?t=7718 Code: xor ax, ax ; align eax pointer to page boundaries sub eax, 10000h ; roll back a page. eax is now equal to kernel32.dll base Code: ;; Assuming that eax contains the pointer to the DOS header of the module mov ebx, eax ; ebx = k32 base addr mov edx, eax add eax, [eax + 3Ch] ; eax = ptr to pe header add edx, [eax + 78h] ; edx = ptr to data directory mov ecx, [edx + 18h] ; ecx = number of function names mov eax, [edx + 1Ch] add eax, ebx ; eax = address of functions mov edx, [edx + 20h] add edx, ebx ; edx = address of names also its my first post ;o |
|||
24 Nov 2014, 02:46 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.