320 questions
2 votes, 2 answers, 163 views
ERROR_INVALID_PARAMETER in SetEnvironmentStringsW on empty environment
Normally, the function SetEnvironmentStringsW can be used to restore a block of environment variables that has been backed up via GetEnvironmentStringsW before. This is a convenient way to experiment ...
0 votes, 0 answers, 72 views
FreeLibrary fails (returns 0) when trying to unload injected DLL in c++ [duplicate]
I have written a simple DLL injector in C++. Now, I want to unload the injected DLL using the unload function shown below. However, when I run the code, the FreeLibrary function returns 0 and the DLL ...
0 votes, 0 answers, 117 views
C# & .NET 4.8 - DllImport does work in Debug mode but not in Release mode
I have the following code:
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern IntPtr SetDllDirectory(string lpPathName);
string dllFolderPath= @"C:\temp\lib";...
0 votes, 0 answers, 56 views
Application.GetOpenFilename for a UNC without using Kernel32
My company has recently instituted some significant security upgrades that disallow the calling of Kernel32.dll using VBA. Without this I can't call Application.GetOpenFilename and set the network ...
1 vote, 1 answer, 46 views
Can't capture output on testing 'WriteFile' function call via JNA
I want to write a test which would confirm that my string is successfully printed to console via JNA using WriteFile function.
Specs:
Windows 11 Home, Version 22H2
Java 22
JNA 5.14.0
Kernel32.java
...
1 vote, 1 answer, 254 views
How to Enumerate Threads using CreateToolhelp32Snapshot and Python ctypes?
This seems like it should print the thread ID of the first thread in the snapshot, but it always prints 0. What is wrong with it?
The following assumes that process ID 1234 is a real, running process.
...
1 vote, 1 answer, 94 views
Create Process in Debug Using Python ctypes
The following code is supposed to start a new process calc.exe in debug mode. However, it fails with the code 2 or ERROR_FILE_NOT_FOUND. However, this file calc.exe does exist on the system. What ...
0 votes, 0 answers, 179 views
Kernel32.dll LoadLibrary does not work in Docker container
I am developing a .NET WebApi Application which is intended to make calls to a Windows dll library. I use kernel32.dll's function LoadLibrary to load the dll. When I run the application on IIS or IIS ...
-1 votes, 1 answer, 1k views
LNK1104 cannot open file 'kernel32.lib'
Getting following error LNK1104 cannot open file 'kernel32.lib', what path do I need to add, and where to add it in Visual Studio 2022.
I looked at previous threads, most solutions are for older ...
2 votes, 2 answers, 816 views
How to capture a DLL's stdout/stderr in Python?
How can you capture a DLL's stdout and/or stderr in Python on Windows? For example, this prints "hello" to stderr, but it should be possible to capture the "hello" as a string ...
0 votes, 1 answer, 88 views
Use CreateThread With Kotlin Native?
I tried to use CreateThread in kernel32 to start a DataCollectorEntry function in a new thread, but it did not execute any line of the function, and GetLastError returns 0
that means everything is ...
0 votes, 1 answer, 590 views
"bootstrap handle cannot be initialized" error when working with LibreOffice in .NET Core?
I'm attempting to work with LibreOffice using .NET Core, but I'm encountering an error that says 'bootstrap Handle is not initialized'.
using unoidl.com.sun.star.uno;
m_xContext = uno.util.Bootstrap....
1 vote, 1 answer, 223 views
IsWindows10OrGreater function from <VersionHelpers.h> usage problem in asm x86 code
Have a task to call IsWindows10OrGreater function in asm x86 code. At first, I tried to include it from kernel32 lib, but then I found out that this library doesn't contain IsWindows10OrGreater ...
0 votes, 0 answers, 625 views
USB C# .NET Write on USB printer device using kernel32.dll's WriteFile
I've been trying to get it to work for a while, but I just can't. And looking online there don't seem to be many USB oriented answers for communicating with a printer.
The final objective is to ...
1 vote, 1 answer, 572 views
How to create an import library for kernel32.dll using a .def file on x86?
I have a small project that does not depend on the CRT or windows sdk. In order to link against kernel32.dll I created a minimal .def file with only the couple functions I need:
LIBRARY kernel32.dll
...
1 vote, 0 answers, 974 views
Finding Kernel32 Base Address
I've been experimenting with ways to obtain the Kernel32.dll base address in C shellcode and came up with the following method. It works on my machine running Windows 11 Pro, but I'm wondering how ...
0 votes, 0 answers, 169 views
Calling asynchronous file write (WriteFileEx) from VBA in Windows?
I am trying to write a stream of data with minimal delay between buffer transfers in VBA. The data may be acquired with maximal 30~35 usec precision in VBA.
But because of continuous data stream, I ...
0 votes, 0 answers, 182 views
How to find list of JobObjects that are assigned to the current process?
I'm running a program in C#, and I want to know the list of JobObjects that are assigned to the current process. Is there a way to do this?
To be more specific about my use-case, I'm trying to find ...
0 votes, 1 answer, 306 views
WinDbg How to find HeapAlloc or HeapAllocStub?
I'm trying to find the address of the API HeapAlloc in WinDbg using the following syntax u Kernel32!HeapAllocStub but WinDbg cannot resolve that. I have reloaded the symbols and the error persists, for ...
0 votes, 1 answer, 191 views
Using SetWaitableTimer in WPF
I am creating a WPF app where I have to make the device sleep and wake at a particular time. I tried to use SetWaitableTimer to do the same, but due to some mistakes my device is going into sleep but not ...
0 votes, 0 answers, 706 views
Can I turn a raw memory dump (ReadProcessMemory) into a MiniDump file?
I have the following powershell code to dump the process memory from a given process. In this case, cmd.exe.
It opens the given process with PROCESS_ALL_ACCESS and uses VirtualQueryEx to list all the ...
0 votes, 1 answer, 89 views
get processor architecture in MQL
I use GetNativeSystemInfo from the Windows API, but when I use a structure like Microsoft's I cannot get the parameter correctly.
At first I use this structure:
struct _SYSTEM_INFO {
union DUMMYUNIONNAME {
...
1 vote, 1 answer, 372 views
Marshal.AllocHGlobal instead of VirtualAlloc from kernel32.dll on dotnet core 6
I have some legacy unmanaged code (unsafe, intptr) which uses VirtualAlloc method from kernel32.dll many times in order to allocate unmanaged intptrs.
This code is in a project which was upgraded from ...
0 votes, 1 answer, 159 views
Why is CreateFileA succeeding in Windows XP and failing in Windows 10?
I'm working through a reverse engineering exercise using olly.
00402D71 |. 6A 00 PUSH 0 ; /hTemplateFile = NULL
00402D73 |. 68 80000000 PUSH 80 ...
0 votes, 1 answer, 989 views
why my impersonation a specific user code is throwing error
We are developing an ASP.NET web application in which we need to access a shared drive and search for a directory, if it is present or not. But while accessing using the PATH the application is showing ...
0 votes, 1 answer, 1k views
What is different between OutputDebugStringA and OutputDebugStringW in kernel32.dll?
I was trying to use debugView in Electron for some reason
When I use OutputDebugStringW everything I send to output become random char,
on the other hand it seems correct when sending output using ...
1 vote, 0 answers, 2k views
How to set an I/O Priority of a Windows Process to High as Process Lasso does
I know there are similar questions and tools (1)(2)(3) and many more.
Each of these resources in the web states that you need to use Windows NT API and with this it should be easy to change the ...
0 votes, 1 answer, 234 views
kernel32 GetSystemInfo not returning info
All of the SI fields are 0 after the call to GetSystemInfo in the code below, that's the issue I am trying to solve here.
This is about the same code as several examples which can be found with a ...
2 votes, 0 answers, 1k views
Error while running .Net core 6.0 application in ubuntu using wine
We have .net framework based application which connects with backend using REST API. When we run this application using Wine on Ubuntu 20.04 it works perfectly well. Our requirement is that we need to ...
8 votes, 2 answers, 4k views
SetThreadExecutionState(ES_SYSTEM_REQUIRED) does not prevent system sleep on Windows 11
In my file transfer application (WinSCP), I use SetThreadExecutionState(ES_SYSTEM_REQUIRED) to prevent the system from going into sleep mode while a file transfer is in progress. But this does not ...
2 votes, 1 answer, 8k views
Unable to load shared library 'kernel32.dll'
I'm running a dotnet webapp in my local (windows machine) and it works just fine. When I deploy the same application to an AKS container and try running it, it fails with
System....
0 votes, 1 answer, 131 views
Does ReplaceFile fail with ERROR_SHARING_VIOLATION because of race condition?
This is a simplification of a problem I encounter.
There are 2 process: one that loops over ReplaceFile
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
static extern ...
2 votes, 0 answers, 623 views
FreeLibrary not working on Loaded C++ DLL
I'm using an external DLL which is written in C++. It's a cURL Wrapper. I do not have access to the code, just the DLL.
//Import kernel32 DLL
static class NativeMethods
{
[DllImport("kernel32.dll...
5 votes, 1 answer, 3k views
Is it possible to install a newer version of kernel32.dll into win 7 x64 that includes the function GetSystemTimePreciseAsFileTime?
Sorry for the noob question, folks. My new version of Vectorworks CAD 2022 won't run on my Win 7 x64 due to a missing procedure entry point. My laptop is too old to upgrade to Win 10 and I was hoping ...
1 vote, 1 answer, 3k views
DllImport kernel32.dll code working in console app but not in UWP - FindFirstFileW returns INVALID_HANDLE_VALUE
I'm attempting to use low level Windows API's (specifically FindFirstFileW / fileapi.h) in a UWP app for the first time.
I have proof of concept code running successfully in a .Net console app, and ...
0 votes, 1 answer, 263 views
Why is VSCodium failing to locate kernel32.lib?
I'm trying to build a CMake-based C project in VSCodium.
When I open the folder, CMake configuration fails, with the error being, apparently:
-- snip --
LINK : fatal error LNK1181: cannot open input ...
0 votes, 1 answer, 146 views
ReadProcessMemory with Chez Scheme FFI
I'm having some trouble reading from an arbitrary memory address using Chez Scheme's FFI and the kernel32/user32.dll's ReadProcessMemory function. I got the process handle and everything fine, but I'm ...
0 votes, 1 answer, 224 views
VBA kernel32 InterlockedIncrement not available in 64 bit host, what should I do?
I'm in the process of upgrading some code from 32 to 64 bit VBA. It uses the InterlockedIncrement function:
Private Declare PtrSafe Function InterlockedIncrement Lib "kernel32" (ByRef Addend ...
0 votes, 0 answers, 5k views
How to fix dynamic link library Kernel32.dll Error in Windows Server 2008
I have an angular application for which I have written a URL rewrite on the web.config file.
I am publishing my application on IIS 7 (Windows Server 2008).
To manage and enable URL Rewrite I want to ...
0 votes, 0 answers, 113 views
Kernel32.dll to read card SD like file. Read long space
I read card SD like file. I use this method:
public static int ReadUSBDisk(ref byte[] buffer, int sector, string fileName)
{
ushort count = 10;
bool retValue;
int ...
0 votes, 0 answers, 46 views
Is it possible to work with return types of Windows API function calls in Visual Basic? 3 questions [duplicate]
Question 1: Why declare it as a function and not a sub?
When calling a Windows API function in Excel VBA such as
Private Declare Function getTickCount Lib "kernel32" _
Alias "...
0 votes, 1 answer, 255 views
Link Error when Compile c program without kernel32.lib
I want to create an app that just uses ntdll and use security check for it, but when I remove kernel32.lib or uncheck "inherit from parent or project defaults" I get link errors when I build ...
2 votes, 3 answers, 5k views
Link to kernel32.dll using ld.exe
I have assembled my assembly program using the following command:
nasm -f win64 -o test.obj test.asm
test.asm contains a few functions that call Win32 functions like GetStdHandle, HeapAlloc, etc
...
0 votes, 0 answers, 301 views
C# Equivalent of AutoHotKey NumPut and VarSetCapacity
I'm trying to convert this function from this repository, programmed with the AutoHotKey language.
But I ended up stuck in one question: In C# what would the NumPut and VarSetCapacity functions ...
0 votes, 1 answer, 201 views
Call GetDiskFreeSpaceExA from UWP (C#)
I am working on a UWP app (C#, Visual Studio 2019) and I want to find out the total, free for user and free space of C:. In order to do this, I want to call GetDiskFreeSpaceExA (about ...
1 vote, 1 answer, 317 views
Problems about python ctypes module
Just trying to mess around and learn about python ctypes according to the official documentation at https://docs.python.org/3.8/library/ctypes.html
Everything works just fine until:
ValueError is ...
1 vote, 1 answer, 493 views
How to add Python script to registry using Ctypes and kernel32.dll
I'm trying to add my program to registry and this is my code...
def regc():
    reg = windll.kernel32
    print(reg)
    hkey = 'HKEY_CURRENT_USER'
    lsubkey = 'Software\Microsoft\Windows\CurrentVersion\Run'
...
0 votes, 1 answer, 130 views
How to compile for multiple versions of windows where Kernel32 entry point may not exist for some functions
The title may not be the most descriptive at first:
I have a program that utilizes a call to "Wow64EnableWow64FsRedirection" function which is required when the software runs on a Windows 7 ...
0 votes, 1 answer, 124 views
VB.NET 2008 or higher: Memory violation reading STDIN via winapi
I am trying to port a VB6 application to VB.NET.
This is a console application that reads data from STDIN, modifies the data and writes it to STDOUT.
Google is my friend, so I have spent days now on ...
0 votes, 1 answer, 564 views
Why does GetPrivateProfileSection retrieve each character as a two byte value, padding them with a NULL character?
Given this piece of code:
Private Declare Auto Function GetPrivateProfileSection Lib "kernel32" _
(ByVal lpAppName As String, _
ByVal lpszReturnBuffer As Byte(), _
...