+- +-


Welcome, Guest.
Please login or register.

Login with your social network

Forgot your password?


Total Members: 134
Latest: jemes petrick
New This Month: 0
New This Week: 0
New Today: 0
Total Posts: 170
Total Topics: 99
Most Online Today: 3
Most Online Ever: 677
(September 13, 2022, 10:57:19 am)
Users Online
Members: 0
Guests: 3
Total: 3

Author Topic: Native API tutorial  (Read 2105 times)


  • Administrator
  • Full Member
  • *****
  • Posts: 155
  • I love anime and science!
    • View Profile
    • My blog
Native API tutorial
« on: February 09, 2017, 08:52:16 pm »
Native API is a low level API used by Win32 API and some system Windows system processes. However, you can also use Native API in your own application.

In this tutorial, I will show you how to use Native API in Visual Studio 2012. To use Native API, you need ntdll.h and ntdll.lib. ntdll.h is the header file for Native API. It defines the functions and data structures of Native API. ntdll.lib is the import library of ntdll.dll, which export the Native API functions.

First, copy ntdll.h and ntdll.lib to your project directory, then include the header and link to ntdll.lib.

To include ntdll.h, add the following code to your application:

Code: [Select]
#include "ntdll.h"
To link to ntdll.lib, add the following code to your application:

Code: [Select]
#pragma comment(lib,"ntdll.lib")
That's all you need for using Native API. Here is an example application that uses Native API functions to get the current system uptime.


Code: [Select]
#include <stdio.h>
#include <Windows.h>
#include "ntdll.h"

#pragma comment(lib,"ntdll.lib")

int main()
NTSTATUS status;



printf("Error: NtQuerySystemInformation failed with status %#x",status);
return 0;

Uptime=(TimeOfDay.CurrentTime.QuadPart-TimeOfDay.BootTime.QuadPart)/10000000; // Calculate the system uptime and convert it from 100 nanoseconds intervals to seconds

printf("System uptime: %llu days, %02llu:%02llu:%02llu",Uptime/86400,(Uptime/3600) % 24,(Uptime/60) % 60,Uptime % 60); // Show the uptime
return 0;


Native API functions and structures:

NtQuerySystemInformation structures:


ntdll.h and ntdll.lib download:
« Last Edit: February 09, 2017, 09:02:19 pm by zwclose7 »

Share on Facebook Share on Twitter


  • Newbie
  • *
  • Posts: 6
    • View Profile
Re: Native API tutorial
« Reply #1 on: January 08, 2019, 02:11:02 am »
I was looking for a nice way to call into ntdll without needing GetProcAddress and defining a function pointer type.
Also the link on ntqsi seems so complete. I'll be using this when I have time to work on cool stuff.

Thanks for sharing! :D :D

I'd like to add to the post (because this added info may not deserve its own one) that if you want to generate the import library (.lib) from a dll it can be done like this:

1. dumpbin /EXPORTS ntdll.dll > ntdll.def
the generated ntdll.def should be a file with the name of all the exports of ntdll.dll, one per line.
2. add the word EXPORTS as a first line to the previously generated file. You can delete the functions whose stub you don't want in your .lib
3. run the following commands from the VC/bin directory of Visual Studio (where link.exe is)
 lib /def:ntdll.def /out:ntdll.lib

This should spit ntdll.lib and ntdll.exp

The tool IMPLIB from a company called digitalmars can also be used.
« Last Edit: January 08, 2019, 03:10:32 am by hMihaiDavid »


+-Recent Topics

Why Should We Use An Opensea Clone To Begin Your Crypto Business by jemes petrick
September 27, 2022, 07:43:26 pm

Latest NFT Marketplace Trends by jemes petrick
September 23, 2022, 06:24:09 pm

OpenSea Clone Script on Various Blockchains by jemes petrick
September 12, 2022, 07:40:43 pm

Hi zwclose7. How to create process by using NT apis? by zwclose7
June 01, 2021, 03:09:52 pm

Poison of the Day by zwclose7
March 16, 2020, 06:45:08 pm

Native API tutorial by hMihaiDavid
January 08, 2019, 02:11:02 am

The properties of GP nerve agent by xchg
October 19, 2018, 07:40:57 pm

A new route of synthesis for G-series agents by Basquyatti
October 15, 2018, 06:12:57 am

Synthesis of Methylisobutylcarbinylsarin (GH) by APC process by Basquyatti
October 14, 2018, 07:55:33 am

Synthesis conventional of Sarin by Basquyatti
October 02, 2018, 07:57:32 am