Questions tagged [nt-native-api]

Native API is used by Windows NT and user mode applications

60 questions
2
votes
2 answers

What does SIGINT translate into in the NT native API?

Windows has support for SIGINT in console applications in response to Ctrl-C. This implies Windows has functionality to interrupt a running thread from a remote thread (process even!) and invoke a signal handler. Exactly how does this work at the NT…
bdonlan
2
votes
2 answers

NTSTATUS could not be resolved

I'm trying to make a program which will get the command line of a process by a process ID. I'm using Eclipse C++ and the MinGW compiler. So I found one tutorial on how to do that, and it needs ntstatus, so like in the tutorial I included #include And I added…
Dushan01
2
votes
2 answers

Accessing Windows Native API from User-Mode

I'm quite curious about the Windows Native API. I have been searching around the net and have failed to find an example of calling a Native API function from user-mode. I believe I have a basic grasp of what this entails - specifically, I have to…
ace
2
votes
2 answers

Windows native development: debuggee tries to load werkernel.sys from system32

I'm investigating the Windows Native API now, Nt*/Zw* methods. I downloaded the WDK, installed it and successfully compiled an application (x64, under Win 8.1 x64, VS2013). The only thing it does is a call to NtOpenFile(). To successfully…
Mike Makarov
2
votes
3 answers

How to access Salesforce Attachment Body (base64 binary data) in iOS?

I am working on an iOS native app for getting attachments from Salesforce. I have to show the Salesforce attachments in my iPhone app for a particular object like Leads, Contacts, etc. For that I am using the REST API and got the response body. But in response…
YogiBhoi
1
vote
0 answers

Close file handle of process from kernelmode driver on Windows

I'm trying to close a specific file handle of a process from a kernelmode driver on Windows. For this, I'm using ZwQuerySystemInformation to enumerate all handles on the system and then filter them based on a given process id and by checking for a…
Louis Bernard
1
vote
1 answer

Is it possible to call functions from a kernel mode driver in a user mode application on Windows?

I read here that the inverse is possible, but how does one achieve such a thing? I'd hope there's a simple way, similar to calling from a loaded DLL, but my Google research comes up with nothing. My only other thought is that one could pass some…
FShrike
1
vote
1 answer

Custom software driver communication with user client on Windows

EDIT: through another question on the forum, I learned that DeviceIoControl can be async, so question 4 is now just question 2. The extensive Windows driver documentation says little, that I've found, about how a client user-mode app can communicate…
FShrike
1
vote
1 answer

How to use MAXIMUM_ALLOWED properly?

I have created a small framework that provides a unified API to multiple file systems/APIs (namely Win32, Posix, NFS). Said API is somewhat similar to Posix -- to access a file you need to "open" it providing a hint for intended purpose (r, w or…
C.M.
1
vote
1 answer

NtCreateFile returning STATUS_OBJECT_NAME_NOT_FOUND even if the file exists in the directory

I have been trying to open an existing file using NtCreateFile, although it cannot find the file that I am looking for even if it is present in the directory I am trying to open the file in. NtCreateFile returns the error code 0x34, aka…
Yung Lew
1
vote
1 answer

Creating a new registry key using the NtCreateKey() NTAPI function [NtOpenKey() function returns a NTSTATUS error value of -1073741772]

I have written the following code to create a new key in the registry, but an NTSTATUS error value of -1073741772 is returned by the NtOpenKey() function when attempting to fetch the handle of the base key to create a new key. typedef…
hecate
1
vote
1 answer

Undefined function with extern "c" and assembly

Hey so I'm getting an undefined function error when I'm trying to compile my code and I don't know why. Here are my files: Api.h extern "C" NTSTATUS NtWriteVirtualMem(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, ULONG NumberOfBytesToWrite,…
Ayyware
1
vote
2 answers

Reading file in Kernel Mode

I am building a driver and I want to read some files. Is there any way to use "ZwReadFile()" or a similar function to read the contents of the files line by line so that I can process them in a loop? The documentation in MSDN states that…
whatisinaname
1
vote
1 answer

Convert char array to Unicode

I am developing a device driver in Visual C++. I need to convert a character array to Unicode as well as a wide character array in my driver. Pointers to useful functions will be appreciated. I know "RtlInitUnicodeString" which converts wchar to…
whatisinaname
1
vote
1 answer

How do I gather information on a Windows 7 freeze up that may involve both a driver and user mode code?

I am experiencing a crash in an application that is crashing Windows 7, but not in the traditional "blue screen of death" crash that happens when device drivers or other kernel-space processes crash the whole system, but rather, I am seeing a…
Warren P