2013年10月24日
Get GetProcAddress Function Address
摘要: DWORD GetKernel32Base() { DWORD dwKernel32Addr = 0; __asm { push eax; mov eax,dword ptr fs:[0x30] //eax = address of peb mov eax,[eax+0x0C] //address of PEB_LDR_DATA mov eax,[eax+0x1C] // mov eax,[eax] mov eax,[eax+0x08] mov dwKernel32Addr,eax ... 阅读全文
posted @ 2013-10-24 19:22 LambdaTea 阅读(284) 评论(0) 推荐(0) 编辑