I have a compiled C code that makes a call to LoadLibrary
int main()
{
printf("Hello world\n");
HMODULE hMod = LoadLibrary("hello.dll");
if (hMod == NULL)
{
printf("Failed to load hello.dll library\n");
exit(EXIT_FAILURE);
}
return 0;
}
I am running the compiled binary using another compiled C code that uses CreateProcess like so
CreateProcess(fname, NULL, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL,NULL, &si, pi)
pi is passed by reference to the function running this line.
fname refers to the binary path of the above compiled code.
Now using another function that takes PROCESS_INFORMATION pi as a parameter, I want to check for the LoadLibrary address in that process.
Can someone explain how to find the address of the function in that process?