Reputation: 1493
On *nix, you can compile a program with -rdynamic or load dynamic libraries, use dlopen(NULL, RTLD_NOW) to get a handle to the current process, then use dlsym() with the handle to get the address of a symbol within the current process.
I am wondering what the equivalent is for doing so on Windows.
Upvotes: 3
Views: 2561
Reputation: 4960
On Windows, you can rely on the LoadLibrary() and GetProcAddress() APIs, both from kernel32.dll, to load a library and resolve its functions' addresses. About GetProcAddress():
"Retrieves the address of an exported function or variable from the specified dynamic-link library (DLL)."
and takes as a parameter:
"A handle to the DLL module that contains the function or variable. The LoadLibrary, LoadLibraryEx, LoadPackagedLibrary, or GetModuleHandle function returns this handle."
If you want to resolve the addresses within the libraries of the process from an external process, your best bet would be to debug it with DebugActiveProcess and ReadProcessMemory().
You will have to browse the PE Format structures from the base address of the process. Not trivial, but not that hard. This topic is closely related to code injection, but you might want to read Understanding the Imports Address Table.
Upvotes: 1
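The PE walk the answer mentions, as an added example that is not part of the original answer: a Python sketch that resolves export names to RVAs (or forwarder strings) from a buffer laid out as in memory, where offset equals RVA, as bytes read from a module's base address would be. The sample image, its export names and the helper names are constructed for illustration.

```python
import struct

def u(img, off, fmt):          # unpack little-endian fields at an offset
    return struct.unpack_from("<" + fmt, img, off)
def cstr(img, off):            # read a NUL-terminated ASCII string
    return img[off:img.index(b"\0", off)].decode("ascii")

def exports(img):
    """Return {name: RVA or forwarder string} for an in-memory-layout image."""
    if img[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = u(img, 0x3C, "I")[0]                     # e_lfanew
    if img[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe + 24                                 # signature (4) + COFF header (20)
    magic = u(img, opt, "H")[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)  # PE32 vs PE32+
    exp, size = u(img, dirs, "II")                # data directory 0: export table
    if exp == 0:
        return {}
    n_funcs, n_names, funcs, names, ords = u(img, exp + 20, "IIIII")
    out = {}
    for i in range(n_names):
        name = cstr(img, u(img, names + 4 * i, "I")[0])
        idx = u(img, ords + 2 * i, "H")[0]        # index into the function table
        if idx >= n_funcs:
            raise ValueError("ordinal out of range")
        rva = u(img, funcs + 4 * idx, "I")[0]
        # An RVA inside the export directory is a forwarder string, not code.
        out[name] = cstr(img, rva) if exp <= rva < exp + size else rva
    return out

def build_sample():
    """Constructed minimal PE32+ image (headers and export table only)."""
    img, pe, exp = bytearray(0x400), 0x80, 0x200
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, pe)
    img[pe:pe + 4] = b"PE\0\0"
    struct.pack_into("<H", img, pe + 24, 0x20B)
    struct.pack_into("<II", img, pe + 24 + 112, exp, 0x100)
    struct.pack_into("<IIIII", img, exp + 20, 2, 2, exp + 0x28, exp + 0x30, exp + 0x38)
    struct.pack_into("<II", img, exp + 0x28, 0x1000, exp + 0x50)      # function RVAs
    struct.pack_into("<II", img, exp + 0x30, exp + 0x40, exp + 0x48)  # name RVAs
    struct.pack_into("<HH", img, exp + 0x38, 0, 1)                    # name ordinals
    for off, s in ((0x40, b"add"), (0x48, b"fwd"), (0x50, b"OTHER.target")):
        img[exp + off:exp + off + len(s)] = s
    return bytes(img)
```

Adding the module's base address to a returned RVA gives the address GetProcAddress() would report for a non-forwarded export.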