|
Heres an asm example of retrieving imagebase without using any apis (in case you dont wanna worry about importing new functions):
hxxp://spiff.tripnet.se/~iczelion/files/kernel.zip
The GetKernalBase proc is the one you want, and it shows the implementation at main. If you need some help with the example, let me know. Its pretty simple though.
Crudd [RET]
|