yes, SQ not improved. need use new method for coding and render loop.
im learning API .dll files, something have found out, very interesting, JC. now few functions can bypass kernel32.dll, KernelBase.dll, ntdll.dll,... think better in next versions.
lekt wrote:yes, SQ not improved. need use new method for coding and render loop.
im learning API .dll files, something have found out, very interesting, JC. now few functions can bypass kernel32.dll, KernelBase.dll, ntdll.dll,... think better in next versions.
How do you go about bypassing ntdll.dll functions ?
has done 4 functions (1 important function in render loop), use system call, very good. try disassembler these api .dll, many things in KernelBase.dll.
in ntdll.dll have only code number of syscall, need learn syntax for parameters from KernelBase.dll. google also can not help, must be accurate learn instructions.
im very happy coz that's first time i can bypass this ntdll.dll.
im very happy coz that's first time i ... ernel.html
so it's basically populating registers with the parameters and then calling syscall with the correct code for the instruction.
i use IDA, but think ollydbg better, will try. search by google but not found correct code for syscall. get calling interface from kernelbase.dll and MSDN, tried many functions with correct code but don't know why they don't work, still now has done only 5 functions. if you need NtWaitForSingleObject then i can share to you:
;NtWaitForSingleObject(pHandle, dwAlertable, pTimeout);
mov r10, rcx ; pHandle
xor edx, edx ; FALSE: The alert cannot be delivered
xor r8d, r8d ; Time-out interval, in microseconds. NULL means infinite
mov eax, 2h ; code number
syscall
2h is code number of this function for win8, WS2012. maybe win8.1 use different number, you can get it from ntdll.dll of win8.1.
if it works for you then SQ will be much better coz it run in render loop. it's very important function.
can not find audio core functions in MMDevAPI.dll, AudioSes.dll, very complex code. need learn GetBuffer and ReleaseBuffer, interesting what things in these dll.
replaced 5 api functions with syscall (system calling, level 0, bypass windows API), works in my win8.
not sure they work for win8.1 and ws2012 or not. try them.
sbgk wrote:wow, finally got it working for waitforsingleobject, what a difference.
I'm using win 10 and the syscall is 851972, would you believe.
Now if I can get deviceiocontrolfile working.
thanks for your help.
enjoy it!
i use onboard laptop sound card, so can't test deviceiocontrolfile with KS, can you upload dll file set of win10, will learn something from it. many api functions on my win8 don't work when i use syscall, hmm...
Try NtCreateFile, NtReadFile,... maybe work for you on win10.
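Added example, not part of the thread or any poster's code: a byte-pattern check that finds inline stubs of the shape posted above (mov r10, rcx / mov eax, number / syscall) in a code buffer and reports the number loaded into eax, the value the posters note differs between Windows versions. The function name, the look-back window and the sample bytes are assumptions made for illustration; the second stub's number is constructed.

```python
import struct

# Both valid x64 encodings of "mov r10, rcx", the first instruction of the stub.
MOV_R10_RCX = (b"\x4c\x8b\xd1", b"\x49\x89\xca")
MOV_EAX_IMM32 = b"\xb8"       # opcode byte of "mov eax, imm32"
SYSCALL = b"\x0f\x05"
WINDOW = 32                   # look-back distance in bytes (assumed heuristic)

def find_direct_syscalls(code: bytes):
    """Return [(offset_of_syscall, number_in_eax)] for inline syscall stubs.

    Plain byte matching, not disassembly: a hit means the three-instruction
    shape is present and should be confirmed in a disassembler.
    """
    hits = []
    pos = code.find(SYSCALL)
    while pos != -1:
        start = max(0, pos - WINDOW)
        window = code[start:pos]
        # Nearest "mov r10, rcx" before the syscall, in either encoding.
        r10 = max(window.rfind(enc) for enc in MOV_R10_RCX)
        if r10 != -1:
            # First "mov eax, imm32" after it; the imm32 is little-endian.
            i = window.find(MOV_EAX_IMM32, r10 + 3)
            if i != -1 and i + 5 <= len(window):
                number = struct.unpack_from("<I", window, i + 1)[0]
                hits.append((pos, number))
        pos = code.find(SYSCALL, pos + 2)
    return hits

# Constructed sample: the stub from the thread assembled by hand, then a
# second stub using the other mov encoding with a made-up number.
STUB_FROM_THREAD = (b"\x4c\x8b\xd1"           # mov r10, rcx
                    b"\x33\xd2"               # xor edx, edx
                    b"\x45\x33\xc0"           # xor r8d, r8d
                    b"\xb8\x02\x00\x00\x00"   # mov eax, 2h
                    b"\x0f\x05")              # syscall
STUB_OTHER = b"\x49\x89\xca" b"\xb8\x34\x12\x00\x00" b"\x0f\x05"
SAMPLE = b"\x90" * 4 + STUB_FROM_THREAD + b"\xc3" + STUB_OTHER + b"\xc3"
# Constructed negative case: the bytes 0F 05 with no stub preamble.
STRAY = b"\x48\x89\xc8\x0f\x05\xc3"

if __name__ == "__main__":
    for offset, number in find_direct_syscalls(SAMPLE):
        print(f"syscall at +{offset:#x}, eax = {number:#x}")
```
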