flat assembler
Message board for the users of flat assembler.

Home Search Register
Log in to check your private messages Log in

Index > Windows > provide me with an example code for calls from ntdll.dll
Author
Thread Post new topic Reply to topic
bopseharto



Joined: 27 Nov 2023
Posts: 1
bopseharto 27 Nov 2023, 19:54
hi
I just want to apologize for my English [I use a translator]

i'm looking for information about a month and during this time i haven't found almost anything

but what i found is very old and all the sample code is written in C/C++

i want to ask you to provide me with an example code with explanations written in FASM using the simplest calls from ntdll.dll-ntoskrnl.exe

creating a file , displaying a line on the screen or something like that

please if you have information on this topic,share

i want to say thank you in advance for giving me some of your time and helping me
Post 27 Nov 2023, 19:54
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 19876
Location: In your JS exploiting you and your system
revolution 27 Nov 2023, 22:15
bopseharto wrote:
please if you have information on this topic,share
NTDLL.DLL and related calls are not publicly documented, and are not stable across Windows versions.

Any code you find might work for one version of Windows and no others, or it might work for all current versions, and break on the next release.
Post 27 Nov 2023, 22:15
View user's profile Send private message Visit poster's website Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 3892
Location: vpcmipstrm
bitRAKE 28 Nov 2023, 12:35
https://github.com/The-Z-Labs/bof-launcher/blob/main/bofs/src/wDirectSyscall.asm

_________________
¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup
Post 28 Nov 2023, 12:35
View user's profile Send private message Visit poster's website Reply with quote
Furs



Joined: 04 Mar 2016
Posts: 2348
Furs 28 Nov 2023, 14:34
revolution wrote:
Any code you find might work for one version of Windows and no others, or it might work for all current versions, and break on the next release.
Nah, because a lot of DRM/anti-cheat garbage relies on it and Microsoft isn't going to shoot themselves in the foot now. Some of them even do direct syscalls which is quite insane but it is what it is.
Post 28 Nov 2023, 14:34
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Main index Download Documentation Examples Message board

Copyright © 1999-2023, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.