这是一个得到Kernel32基地址的程序源代码（A simple way for get KERNEL32 base address）
   我用ml汇编这个源代码，有警告
E:\Source\virus>ml/c/coff k01.asm
Microsoft (R) Macro Assembler Version 9.00.30729.01
Copyright (C) Microsoft Corporation.  All rights reserved.

MASM : warning A4018:invalid command-line option : /c/coff
Assembling: k01.asm
k01.asm(85) : warning A4023:with /coff switch, leading underscore required for s
tart address : start
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.

LINK : fatal error LNK1104: cannot open file "

  随后用link,有错误
E:\Source\virus>link /subsystem:windows k01.obj
Microsoft (R) Incremental Linker Version 5.12.8078
Copyright (C) Microsoft Corp 1992-1998. All rights reserved.

k01.obj : error LNK2001: unresolved external symbol ExitProcess
LINK : error LNK2001: unresolved external symbol _start
k01.exe : fatal error LNK1120: 2 unresolved externals

  有没有人能帮我找找错误呢？谢谢各位好心人了。

        .386p
        .model  flat

extrn  ExitProcess:PROC

        .data

limit  equ     5

        db      0

        .code

start:      
        call    delta
delta:
        pop     ebp
        sub     ebp,offset delta

        mov     esi,[esp]
        and     esi,0FFFF0000h
        call    GetK32

        push    00000000h
        call    ExitProcess

GetK32:

__1:
        cmp     byte ptr [ebp+K32_Limit],00h
        jz      WeFailed

        cmp     word ptr [esi],"ZM"
        jz      CheckPE

__2:
        sub     esi,10000h
        dec     byte ptr [ebp+K32_Limit]
        jmp     __1

CheckPE:
        mov     edi,[esi+3Ch]
        add     edi,esi
        cmp     dword ptr [edi],"EP"
        jz      WeGotK32
        jmp     __2
WeFailed:
        mov     esi,0BFF70000h
WeGotK32:
        xchg    eax,esi
        ret

K32_Limit      dw      limit

end     start

[课程]FART 脱壳王！加量不加价！FART作者讲授！