Hmm...
The problem is I know nothing about API hooking. After 3 years, I decided to write a universal loader. This time ABEL didn't help me. It's my first coding in VC++.
OK, I'm writing an universal loader for a license manager program which its kernel is a DLL. Some programmers put this DLL in the resource of their application. It's packed with ASPACK and sometimes with ASPR.
So, I think the method of
Shub-Nigurrath won't work for my purpose. I think if the DLL is in resource, LoadLibrary is not usefull. Because DLL name may be changed from an application to other one and its addresses may be changed.
[NtSC], If program loads several DLL and lock-DLL name is variable, is it usefull to use API hooking?
(Could you plz write a short example of using
API hooking or
toolhelp/psapi functions?)
So I've used
FindWindow,
GetWindowThreadProcessId and then
OpenProcess to get DLL process handle for reading and writing. But I don't know how to get its Base address and/or one of its EXPORTs address. (I've alot of problem with reading PE header file in VC++, too)
Is there any short and precise method?