Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

kernel32

laonglaing
laonglaing
in Programming and Coding

Featured Replies

Posted

Hi I was wondering if it is possible to emulate keyboard press and mouse click using kernel32.dll ? instead of using user32.dll import.

This is User32.SendInput of win10 x64 in IDA:

Quote

.text:0000000180033120 ; UINT __stdcall NtUserSendInput(UINT cInputs, LPINPUT pInputs, int cbSize)
.text:0000000180033120                 public NtUserSendInput
.text:0000000180033120 NtUserSendInput proc near               ; CODE XREF: mouse_event+39p
.text:0000000180033120                                         ; keybd_event+39p
.text:0000000180033120                                         ; DATA XREF: ...
.text:0000000180033120                 mov     r10, rcx
.text:0000000180033123                 mov     eax, 1084h
.text:0000000180033128                 test    byte ptr ds:7FFE0308h, 1
.text:0000000180033130                 jnz     short loc_180033135
.text:0000000180033132                 syscall
.text:0000000180033134                 retn
.text:0000000180033135 ; ---------------------------------------------------------------------------
.text:0000000180033135
.text:0000000180033135 loc_180033135:                          ; CODE XREF: NtUserSendInput+10j
.text:0000000180033135                 int     2Eh             ; DOS 2+ internal - EXECUTE COMMAND
.text:0000000180033135                                         ; DS:SI -> counted CR-terminated command string
.text:0000000180033137                 retn
.text:0000000180033137 NtUserSendInput endp

It does a direct syscall, if you want, you can do this syscall yourself and don't depend on dlls, however, I didn't see any method in kernel32 to do this.

@A200K in this case he has to update the "mov eax,cost" for each machine because it's not always the same in different OS/Build

Edited by cob_258

  • Author

so in other words? no way to do keyboard emulation using kernel32?
actually i am working on my c# application to work in kernel mode. and was thinking to use kernel32.dll

you guys got other choice or option? 

Hi

Easiest way is using LoadLibraryA/W, GetProcAddress ...

but I have no idea .Net can run in kernel mode or not !!!

 

Best Regards,

h4sh3m

  • Author

yep if not in .net c++ maybe? or.. hmmm... got no idea here where to start.

 

6 hours ago, laonglaing said:

so in other words? no way to do keyboard emulation using kernel32?
actually i am working on my c# application to work in kernel mode. and was thinking to use kernel32.dll

you guys got other choice or option? 

Wtf.

Using user32 or kernel32 won't decide whether you are in kernel mode or not. lol.

C# won't make sense in kernel mode anyways, as you won't be able to access all your user mode apis used by the .net framework. That's why you use C and the windows driver sdk for low-level programming like kernel mode drivers.

 

I guess, if you really want to be in kernel mode, you should learn more about windows kernel driver programming.

i hope he didnt run around school going 'yay im a kernel mode hax0r using c#'...

kernel mode != kernel32 ... sigh..

  • Author
On 5/21/2016 at 4:46 PM, A200K said:

Wtf.

Using user32 or kernel32 won't decide whether you are in kernel mode or not. lol.

C# won't make sense in kernel mode anyways, as you won't be able to access all your user mode apis used by the .net framework. That's why you use C and the windows driver sdk for low-level programming like kernel mode drivers.

 

I guess, if you really want to be in kernel mode, you should learn more about windows kernel driver programming.

gotcha. thanks for confirming this. someone told that they are the same. so i should re write my program into C.
any idea or guide regarding kernel driver programming? or atleast a sample project that i can study.

2 hours ago, laonglaing said:

gotcha. thanks for confirming this. someone told that they are the same. so i should re write my program into C.
any idea or guide regarding kernel driver programming? or atleast a sample project that i can study.

 

Microsoft released a few driver samples here:

https://github.com/Microsoft/Windows-driver-samples

MSDN is your friend as well :)

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.