The problem with this code is the getprocaddr isn't being returned in the variable MsgBoxPtr, however if I put in ecx,edx, etc... returns fines. I tossed in a int 3 so that the program with break in a debugger(I used olly) and you can see the value of ecx. Any help would be much appreciated.
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
MyTestProc proto :DWORD
.data
szUser32 db "user32.dll",0
szMsgBox db "MessageBoxA",0
.data?
MsgBoxPtr dword ?
.code
MyTestProc proc idata:DWORD
invoke LoadLibrary,addr szUser32
invoke GetProcAddress,eax,addr szMsgBox
mov idata,eax
ret
MyTestProc endp
start:
invoke MyTestProc,addr MsgBoxPtr
mov ecx,MsgBoxPtr
int 3 ;check value of ecx in ollydbg here
invoke ExitProcess,0
end start
The problem is that idata is a stack variable, so "mov idata,eax" puts eax into the stack (e.g. mov dword ptr [ebp+8],eax).
Change the code like this
mov edx,idata
mov [edx],eax
wow alright thanks! Really appreciate the help. :bg