adon90/powershell_api.txt

## powershell_api.txt
"@

    Add-Type -TypeDefinition @"
    using System;
    using System.Diagnostics;
    using System.Runtime.InteropServices;

    public static class GetAddress
    {
        [DllImport("kernel32", SetLastError=true, CharSet = CharSet.Ansi)]
            public static extern IntPtr LoadLibrary(
                [MarshalAs(UnmanagedType.LPStr)]string lpFileName);

        [DllImport("kernel32", CharSet=CharSet.Ansi, ExactSpelling=true, SetLastError=true)]
            public static extern IntPtr GetProcAddress(
                IntPtr hModule,
                string procName);
    }

"@

$library = [GetAddress]::LoadLibrary("c:\windows\system32\kernel32")
$address = [GetAddress]::GetProcAddress($library, "WinExec")
"0x$("{0:X16}" -f $address.ToInt64())"
	"@

	Add-Type -TypeDefinition @"
	using System;
	using System.Diagnostics;
	using System.Runtime.InteropServices;

	public static class GetAddress
	{
	[DllImport("kernel32", SetLastError=true, CharSet = CharSet.Ansi)]
	public static extern IntPtr LoadLibrary(
	[MarshalAs(UnmanagedType.LPStr)]string lpFileName);

	[DllImport("kernel32", CharSet=CharSet.Ansi, ExactSpelling=true, SetLastError=true)]
	public static extern IntPtr GetProcAddress(
	IntPtr hModule,
	string procName);
	}

	"@

	$library = [GetAddress]::LoadLibrary("c:\windows\system32\kernel32")
	$address = [GetAddress]::GetProcAddress($library, "WinExec")
	"0x$("{0:X16}" -f $address.ToInt64())"