NtDll.dll is the Windows system DLL exposing the Native API to user mode.
NtDll.dll is the Windows system DLL exposing the (Windows) Native API to user mode.
Questions tagged [ntdll]
155 questions
-1
votes
1 answer
Can someone explain RtlAdjustPrivilege
I have knowledge of java and python ,but any language containing C in its name is so hard to understand and learn. Recently i was trying to create BSOD in windows using NtRaiseHardError and after few (unsuccessful) tries in c++ I turned to c#.…
JustHobby
- 483
- 7
- 11
-1
votes
2 answers
C++ windows code links in 64bit but not in 32bit
I have code written in C++ on windows.
My code compiles and links when I compile it as x64 but not when I change the build configuration to x86.
The failure is a linking error.
I'm using the function RtlIsNameInExpression from ntdll.
When I compile…
rosl
- 33
- 3
-1
votes
1 answer
C++ SysCall asm unresolved externals
I am trying to call NtReadVirtualMemory via a syscall in asm. I am doing this for a few different reasons but it is not to important. So I define the function like so in my main header file:
extern "C" NTSTATUS SysWPM(HANDLE ProcessHandle, PVOID…
Reece
- 59
- 7
-1
votes
1 answer
GetFinalPathByHandle returns the same path for all handles returned by NtQuerySystemInformation
I want to retrieve all file paths that are accessed by processes in my OS.
List of processes is retrieved and those has correct handle values. So now I want to use GetFinalPathNameByHandle function to get path to those files, but Path variable is…
Artur Korobeynyk
- 955
- 1
- 9
- 24
-2
votes
1 answer
Trying to grab, duplicate and protect a handle with NTDLL
So I am trying to basically loop trough the processes, find the process id of my process (which works), then open a process with that pid (which also works) and then duplicate it with NtDuplicateObject and protect it with NtSetInformationObject.
The…
Shaggy Doo
- 15
- 4