okay the point of this is to LOOP through all the addresses, and then compare the buffer of that address with the GetProcAddress of an API.. this is just a snippet (I JUST INCLUDED THE CODE THAT WAS MESSING UP!)

.data
dwBaseAddress dd 00400000h

.data?
dwMatch dd ?
hSend dd ?


ScanLoop:
add dwBaseAddress, 4
invoke ReadProcessMemory, hPhandle, OFFSET dwBaseAddress, OFFSET dwMatch, 4, NULL
cmp dwMatch, hSend
je Found
jmp ScanLoop


how could make this work? i've tryed test, cmp, cmpsd, and also an if (.if dwMatch == hSend)..

and also, would this even work..? I'm trying find the Address that holds the GetProcAddress of my API in the proccess..
any help would be appriciated!
Posted on 2003-03-21 22:46:45 by kHunKz
mov eax, dwMatch

cmp eax, hSend
je Found
jmp ScanLoop
Posted on 2003-03-21 22:51:09 by comrade
You cannot compare memory and memory. If you want to do that, move the value of one of the memory to a register and compare with the other memory.
Posted on 2003-03-22 04:55:42 by roticv