NASM - The Netwide Assembler

Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Dynamic Linking on windows 64  (Read 51 times)

d3x0r

  • Jr. Member
  • *
  • Offline Offline
  • Posts: 2
Dynamic Linking on windows 64
« on: March 14, 2017, 09:22:41 PM »

I find lots of information about PE32 now (portable executable 32 bit format).
I have some code that I want to redirect some function linked to other DLLs (kernel32.dll CreateFileA for instance) ...

I know how to walk the headers and get to the import table and dump the contents; but the resolved address array that is used in PE32 is all NULL in the 64 bit version.  I'd consider maybe it's empty because of delay linking?  But they're ALL NULL.  So where do import addresses get resolved to? 
I figure NASM import directive sort of hides the implementation detail ;but maybe someone can share what the detail is to get the address for a function in another dll that has been linked to my current EXE or DLL.

----------
Logged

d3x0r

  • Jr. Member
  • *
  • Offline Offline
  • Posts: 2
Re: Dynamic Linking on windows 64
« Reply #1 on: March 14, 2017, 11:20:35 PM »

Add the correct offset to the correct base pointer.  Oh! Okay thanx.
Logged