windowswinapiassemblydllloadlibrary
GetProcAddress doesn't return the real address for LoadLibraryA
DWORD dwLoadLibrary = (DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA");
When I go to the returned address in OllyDbg I can see that this address points to the code which jumps to the real address of LoadLibraryA. I want to get the real address of LoadLibraryA which doesn't change because kernel32.dll is loaded at the same location in every process and also I would like to know why GetProcAddress doesn't return the real address.
Solution
You are getting the "real" address of kernel32.LoadLibraryA, as GetProcAddress() returns the real address. It is just that the implementation of kernel32.LoadLibrayA has moved from kernel32.dll to kernelbase.dll, and as a result kernel32.LoadLibraryA simply consists of a single instruction:
jmp dword ptr[kernelbase.LoadLibraryA]
If you look at more functions in kernel32.dll, many of them also have this same pattern:
kernel32.somefunc:
jmp [kernelbase.somefunc]
- WSL (Kali-linux) dose not have internet accsse
- php : The term 'php' is not recognized as the name of a cmdlet, function, script file, or operable program
- How to set icon for created .skp file by using C API?
- Unable to run Powershell commands in non-interactive mode
- PowerShell script to call git init in all subdirectories
- Running cURL on 64 bit Windows
- CGO undefined reference to `TIFFGetField'
- How do you make clang link directly to a DLL in Windows without a .lib
- Library's CMake generates DLL. Application's CMake wants LIB
- Bitmap info regularly returns series of same wrong values before returning correct pixel colors
- Append text with a newline in a Windows environment with file_put_contents()
- How to install OpenSSL from source on Windows 10/11?
- How dynamic linking reacts on a change in object
- Laravel 5 show ErrorException file_put_contents failed to open stream: No such file or directory
- Beautiful Soup ".find" not working running from windows terminal
- Create a python file using cmd in windows
- Install winget by the command line (powershell)
- OSError: cannot load library 'gobject-2.0': error 0x7e
- Certificate Rebind in IIS 10 using powershell
- Maven: mvn command not found
- C# import certificate and key (PFX) into CNG/KSP
- Some Services stop automatically if they are not in use by other services
- How to create a Run As Administrator shortcut using PowerShell
- Turbo Studio virtualization
- COM port terminal program
- Git Bash and Pageant are not using keys
- How do I link Rusqlite applications against custom SQLite builds on Windows?
- How to get the MAC address of my local network interface by win socket or remote ip
- CryptographicException: Access denied - How to give access on User store?
- Enable VT support for intel haxm on Hyper-V vm (Windows 10 Pro)?