six_L
December 18th, 2013, 20:18
Code:
GetApiAdd proc dllnameWORD,procname
Local hdll:HWND
invoke LoadLibrary,dllname
.if eax==0
ret
.else
mov hdll,eax
invoke GetProcAddress,hdll,procname
push eax
invoke FreeLibrary,hdll
pop eax
.endif
ret
GetApiAdd endp
Code:
invoke GetApiAdd,CTXT("ntdll.dll",CTXT("RtlDispatchException"
test eax, eax
jz HookKiUserExceptionDispatcher_Ret
mov cAddrRtlDispatchException, eax