How can i use NtOpenProcess with bananaphone

[timwhitez]

How can i use NtOpenProcess with bananaphone

[C-Sto]

Check out the mkwinsyscall example for (imo) the best way of handling API calls - create a comment with the function in the right format, and then generate the stub with go generate. The function is publicly documented (https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/nf-ntddk-ntopenprocess), so it should be easy enough to pick the right parameter types.

[C-Sto]

OK so apologies - you were encountering a bug that I'm jsut getting to the bottom of now where functions that have a certain number of arguments would make the stub calculate weird stack stuff and get into a unsafe state and crash. I'll reopen this for now - but you appear to have worked around it by adding a zero to the function call. That pushes the stack to the correct length, and is a totally unexpected solution... so congrats?

[timwhitez]

lol, i do work it well by adding a zero. wish you get a better solution.

[C-Sto]

your wish is my command - the issue should be resolved as of 1526021

[timwhitez]

Awesome!