KiFastSystemCall Wrapper - Call native functions with ease!

[Solaire]

Sounds nice. I'll look into it after the weekend.

[MentaL]

[Tman151]

Sounds nice. I'll look into it after the weekend.

What are doing on the very first post wizkid?
Nice release?

Edit: Woohoo! 2nd post!
Ragezone is glitching. =\

[ThievingSix]

Very useful for some situations, I shall translate this =P

[EpikBaby]

Nice Release ^.~ 10/10. Lol

[dacharles]

what is a wrapper, i dont understand what i found on google DD:

[Guy]

Update: http://www.sendspace.com/file/jjcq99

x64 supported with VEH, x86 supported without inline ASM. Also, usage with the _Return variable is removed, the functions provided make much more sense.

[Guy]

[s]Download: http://www.sendspace.com/file/q4rzbl[/s]
Update: http://www.sendspace.com/file/jjcq99

Basically, this is a linear-C wrapper which allows you to call undocumented, native functions via a pre-defined macro. It's x64 compatible using VEH, and x86-compatible using inline ASM (Though, you can make a quick change to use VEH for x86 as well, should say, Microsoft drop support for inline-ASM in the x86 compiler).

Usage:

First, a call to SetServices() is needed which sets the "_Version" variable, designating what operating system the computer is running; supported thus far is NT4+, 2000, Win2k3s, XP, and Vista.

Now you may begin making calls to native functions; however, it should be noted due to the way in which I setup functions, to access the last return value of a native function, you must access the _Return variable.

e.g.

Code:

int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd )
{
	SetServices( );
	_NtTerminateProcess( GetCurrentProcess( ), -1 );
	if( _Return != 0 )
		Sleep( 10000 );

	return( 0 );
}

In the above example, SetServices( ) is called to initialize the _Version register. The function "_NtTerminateProcess" is called to terminate the current running process, with an exit code of -1 (0xFFFFFFFF). If the function fails to call, then the application will idle for 10 seconds.

All native macros are prefixed with an underscore, as displayed, for compatibility reasons. Generically named variables I also prefixed with an underscore, for similar reasons.

Any questions?

[ArmaniStar]

Nice i think, lol

[AllahAkbar]

[s]Download: http://www.sendspace.com/file/q4rzbl[/s]
Update: http://www.sendspace.com/file/jjcq99

Basically, this is a linear-C wrapper which allows you to call undocumented, native functions via a pre-defined macro. It's x64 compatible using VEH, and x86-compatible using inline ASM (Though, you can make a quick change to use VEH for x86 as well, should say, Microsoft drop support for inline-ASM in the x86 compiler).

Usage:

First, a call to SetServices() is needed which sets the "_Version" variable, designating what operating system the computer is running; supported thus far is NT4+, 2000, Win2k3s, XP, and Vista.

Now you may begin making calls to native functions; however, it should be noted due to the way in which I setup functions, to access the last return value of a native function, you must access the _Return variable.

e.g.

Code:

int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd )
{
	SetServices( );
	_NtTerminateProcess( GetCurrentProcess( ), -1 );
	if( _Return != 0 )
		Sleep( 10000 );

	return( 0 );
}

In the above example, SetServices( ) is called to initialize the _Version register. The function "_NtTerminateProcess" is called to terminate the current running process, with an exit code of -1 (0xFFFFFFFF). If the function fails to call, then the application will idle for 10 seconds.

All native macros are prefixed with an underscore, as displayed, for compatibility reasons. Generically named variables I also prefixed with an underscore, for similar reasons.

Any questions?

what does this?.