.... for example, when a DLL named "MyDLL.dll" been loaded into memory, I wish to write a program and get its memory address. Could you share with me, which API I may use to locate that please? Thank you in advanced :red
QuoteGetModuleHandle Function
Retrieves a module handle for the specified module. The module must have been loaded by the calling process.
http://msdn.microsoft.com/en-us/library/ms683199(VS.85).aspx
Thank you BlackVortex ! I will try that out later on :U
If your application uses Run-Time Dynamic Linking, LoadLibrary returns the handle to the DLL module.
Quote from: winge on December 04, 2008, 02:04:46 PM
I wish to write a program and get its memory address
No API needed:
include \masm32\include\masm32rt.inc
.code
start: call @F ; we want the eip for start
@@: pop eax
sub eax, 5 ; correct for size of call
MsgBox 0, hex$(eax), "EIP=", MB_OK
exit
end start
Thank you Vortex and jj2007 :U
Just got another thought here .... what if the "name.dll" is run by another program,? How may I write the program to catch its address please? :red
If the dll is not a COM library you can see the list of the name(s) on the dll by using software named disasm. I did use it to build the include file.
Use GetProcAddress to obtain the address.
Just realized that the 2nd idea could be dangerous, like process hacking; so, I think it would be better to stop form here ... but thank you all ! I have got the answer for my query. Using "Module" related APIs can resolve all my issues :P