如何获得程序的地址？ ( 积分: 100 )

例如：<br>procedure&nbsp;TForm1.btn1(Sender:&nbsp;TObject);<br>label&nbsp;MM,MM1;<br>var<br>b:boolean;<br>begin<br>&nbsp;&nbsp;b:=true;<br>&nbsp;&nbsp;if&nbsp;b&nbsp;then&nbsp;goto&nbsp;MM<br>&nbsp;&nbsp;else&nbsp;goto&nbsp;MM1;<br>&nbsp;&nbsp;MM:<br>&nbsp;&nbsp;asm<br>&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;end;<br>&nbsp;&nbsp;MM1:<br>&nbsp;&nbsp;MessageBox('Good','',mb_ok);<br>end;<br><br>上面的代码中，如何获取MM的地址呢？别告诉我用ReadProcessMemory函数读取比较啊。

procedure&nbsp;TForm1.Button1Click(Sender:&nbsp;TObject);<br>label&nbsp;MM,MM1;<br>var<br>b:boolean;<br>AddrWORD;<br>begin<br>&nbsp;&nbsp;b:=true;<br>&nbsp;&nbsp;if&nbsp;b&nbsp;then&nbsp;goto&nbsp;MM<br>&nbsp;&nbsp;else&nbsp;goto&nbsp;MM1;<br>{<br>&nbsp;&nbsp;因为Call&nbsp;XXX指令是相当于Push&nbsp;EIP&nbsp;&nbsp;Jmp&nbsp;XXX.<br>&nbsp;&nbsp;返回的时候根据栈中弹出的地址返回.<br>&nbsp;&nbsp;那么我们可以利用这个特点,先Call&nbsp;下一条指令,然后Pop出来就是Call时候指令的下一条指令的地址.<br>&nbsp;&nbsp;Call&nbsp;XXX一共是5字节,那么再减去5就是当时的地址了.<br>}<br>MM:<br>&nbsp;&nbsp;asm<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;call&nbsp;@M<br>@M:&nbsp;&nbsp;pop&nbsp;&nbsp;Addr<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sub&nbsp;&nbsp;Addr,&nbsp;5<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;nop;<br>&nbsp;&nbsp;end;<br>&nbsp;&nbsp;MM1:<br>&nbsp;&nbsp;MessageBox(0,PChar('MM的地址是:'+IntToHex(Addr,0)),nil,mb_ok);<br>end;

楼上的技巧不错!!!

确实不错。结帐。