When i was reading shellcode writing tutorial The LoadLibrary and GetProcAddress was been just confused me. But it was really easy to understand in normal asm code. It was bit harder for me when i first tried to write a bit dynamic windows shellcode. So for understanding the dynamic dll loading in shellcode first i decide to learn to load the dll dynamically in normal (n)asm code and it was easy:
ldlibry dd 0
pro dd 0
dll db "user32.dll",0
myFtion db "MessageBoxA",0
MSG db "ASM GetProcAddress",0
push dll ;push user32.dll
call _LoadLibraryA@4 ;Call the API.
mov [ldlibry],eax ;eax hold return address. So eax=LoadLibrary("user32.dll") and now ldlibry=LoadLibrary("user32.dll")
;now we need to call GetProcAddress
push myFtion ;The API name we are going to call
push eax ;LoadLibrary("user32.dll")
call _GetProcAddress@8 ;GetProcAddress(LoadLibrary("user32.dll"),"MessageBoxA"). Again eax holding the return address
push 0x0 ;MB_OK
push MSG ;TITLE="ASM GetProcAddress"
push MSG ;Messgage="ASM GetProcAddress"
push 0 ;Reserved=0
call eax ;Call MessageBoxA through GetProcAddress.
push dword [ldlibry] ; ldlibry holding the LoadLibrary("user32.dll"). Again load to Free up.
call _FreeLibrary@4 ;Call the Windows api FreeLibrary()
;We should exit the process otherwise it may cause "access violation"
push 0 ;load 0 to stack
call _ExitProcess@4 ;Call ExitProcess
;nasm -fwin32 ldlibrary.asm
;ld -o ldlibrary.exe ldlibrary.obj -lkernel32