Pelles C forum

Assembly language => Assembly discussions => Topic started by: Vortex on October 11, 2010, 09:20:39 PM

Title: Getting the base of kernel32
Post by: Vortex on October 11, 2010, 09:20:39 PM

The code portion below finds the base of kernel32. Originally, the method was mentioned in the Masm forum and I converted to Poasm :

Code: [Select]

include kernbase.inc

.data

capt    db 'Kernel base',0
format1 db 'Address = %X',0

.data?

buffer  db 32 dup(?)

.code

start:

; The code to get the base of kernel32
; may not work on every version of Windows

    mov     ecx,[esp]

@@:

    xor     edx,edx
    dec     ecx
    mov     dx,[ecx+03ch]
    test    dx,0f800h
    jnz     @b
    cmp     ecx,[ecx+edx+34h]
    jnz     @b

    invoke  wsprintf,ADDR buffer,ADDR format1,ecx

    invoke  MessageBox,0,ADDR buffer,ADDR capt,MB_OK

    invoke  ExitProcess,0

END start