You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jan 21, 2021. It is now read-only.
It appears that windows now has two methods for GetProcAddress, which breaks the Get-ProcAddress function. It looks like they aren't accepting pull requests, so... I'm just gonna point this out
I was able to fix it like this:
Function Get-ProcAddress
{
Param
(
[OutputType([IntPtr])]
[Parameter( Position = 0, Mandatory = $True )]
[String]
$Module,
[Parameter( Position = 1, Mandatory = $True )]
[String]
$Procedure
)
$SystemAssembly = [AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].Equals('System.dll') };
$UnsafeNativeMethods = $SystemAssembly.GetType('Microsoft.Win32.UnsafeNativeMethods');
# Get a reference to the GetModuleHandle and GetProcAddress methods
$GetModuleHandle = $UnsafeNativeMethods.GetMethod('GetModuleHandle');
#Deal with the fact that windows now has two of these, we'll select the second one
$x=$($UnsafeNativeMethods.GetMethods() | where-object {$_.name -eq "getprocaddress"});
if(Get-Member -InputObject $x -Name Length -MemberType Properties) {
write-host $x | format-table
$GetProcAddress = $x[1];
} else {
$GetProcAddress = $UnsafeNativeMethods.GetMethod("GetProcAddress");
}
$Kern32Handle = $GetModuleHandle.Invoke($null, @($Module))
$tmpPtr = New-Object IntPtr
$HandleRef = New-Object System.Runtime.InteropServices.HandleRef($tmpPtr, $Kern32Handle)
Write-Output $GetProcAddress.Invoke($null, @([System.Runtime.InteropServices.HandleRef]$HandleRef, $Procedure))
}
It appears that windows now has two methods for GetProcAddress, which breaks the Get-ProcAddress function. It looks like they aren't accepting pull requests, so... I'm just gonna point this out
I was able to fix it like this: