v 1.3.7

Start switch added (Fuzz syscall table starting from given syscall id, mutual exclusive with -call)
Internal rearrange
Readme update with fresh 24H2 bug
Rtls update

Compiled/badcalls.ini

@@ -1,5 +1,6 @@
 [ntos]
 NtClose
+NtInitiatePowerAction
 NtRaiseHardError
 NtReleaseKeyedEvent
 NtPropagationComplete

LICENSE.md

@@ -1,4 +1,4 @@
-Copyright (c) 2016 - 2022, NtCall64 Project
+Copyright (c) 2016 - 2023, NtCall64 Project
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:

NtCall64.sha256

@@ -1,45 +1,2 @@
-ddc4a319b3ce482f7e57cd8291994045c41ad62fbcb5a26b03b69a713bea2e4a *Compiled\badcalls.ini
-723e1dee6c66b9cbce5dfb87e489ebb70b41e607971393f391b8dba53e6b8734 *Compiled\NtCall64.exe
-9c41705a8efa0c845867b4b7d6f9771f2172c15d55e1f00f5de6ef3e4509693b *Source\NtCall64.sln
-fad664ec0d0c25531e5564889edeadfca4d47efe763d6536afeaf2d2eedd64d6 *Source\NtCall64\blacklist.c
-b48096900363f68a5eb0b395c9b86b133497f1a5725bf481dbe230d39802c906 *Source\NtCall64\blacklist.h
-dd32fab74b8aa7a2ac673ee4a6c76e4e852ee0bf9e1a6e0f31ca5f443a87557a *Source\NtCall64\fuzz.c
-9d985200820ae2fb844af24010a3addf38492d2d04c760716ed97494b620b847 *Source\NtCall64\fuzz.h
-e19447618ecf1721c7f7c94df27ebe78662c0966f0bb86af7399bbbfb7c493c4 *Source\NtCall64\global.h
-648ac51015c09a80c88aa4ffe1cc51d8dd08109a5d8ba06473e6ee68a751a475 *Source\NtCall64\log.c
-c1f0eb28ee9abc0c371c0ba6a1208b3d5821b20eace4a5a61aab821dbacb9a33 *Source\NtCall64\log.h
-5c2b48a253a178a79af61e713e16faeff3cab99f705ac92b57614556960fcdd8 *Source\NtCall64\main.c
-0078fbdb03efa638ecf840f776afd4fc4f69e0e96c6bd48363a51350f4321266 *Source\NtCall64\ntos.h
-d1130a87d31c6f62387dcfd5ce1449a68c8dad2bc62674d1cc887804758615ae *Source\NtCall64\resource.h
-dc8498bc0d0bd32ae2afe115bc5e5a4f885e0aa3608f28693d423fddff151789 *Source\NtCall64\resource.rc
-3957bcebe3741c99439bbcd0a4a56643ae5e5dae7139a25e2fea2f0c27ba784d *Source\NtCall64\syscall.asm
-062ac9e7119cb058554ec698e9f025e2976dae1a8a838bd5fbd443bdde763148 *Source\NtCall64\tables.h
-8b6fb6ce675dd79d355ab39bfe05cb4d9ca08c5ffe9268c838be7b37982e2f76 *Source\NtCall64\util.c
-86726b76f7e3456e4a827d43f3db5fce751e571c5969c6902607d5b95dd5e168 *Source\NtCall64\util.h
-6461b2932f106c395720cdcaaa834dc181bb1672646ce50984b318c719f50541 *Source\NtCall64\wfuzzer.vcxproj
-80f43d7f81eec7648ef4dde1dc4c39b2635becdf64c359441a35512f4bcf5c95 *Source\NtCall64\wfuzzer.vcxproj.filters
-5bb622e3b2e91f8ccc320d1cac51113009a3845c05d3de39c3a28b62f627c1f5 *Source\NtCall64\wfuzzer.vcxproj.user
-53a7ce27591e040b63880a3dd326b8ba8c97a0fa34d5e2d32aba89a0147434f6 *Source\NtCall64\hde\hde64.c
-e99aa4997bda14b534c614c3d8cb78a72c4aca91a1212c8b03ec605d1d75e36e *Source\NtCall64\hde\hde64.h
-f8e6a0be357726bee35c7247b57408b54bb38d94e8324a6bb84b91c462b2be30 *Source\NtCall64\hde\pstdint.h
-b774446d2f110ce954fb0a710f4693c5562ddbd8d56fe84106f2ee80db8b50a2 *Source\NtCall64\hde\table64.h
-893b90b942372928009bad64f166c7018701497e4f7cd1753cdc44f76da06707 *Source\NtCall64\minirtl\cmdline.c
-bd6fe82852c4fcdfab559defa33ea394b752a4e4a5ac0653ae20c4a94b0175ed *Source\NtCall64\minirtl\cmdline.h
-2a08385892845104b4f07d693ca395eba3a09e4aa89ad791be3807919316ed67 *Source\NtCall64\minirtl\minirtl.h
-d7fbfd69df3840022dab1f8f2d529ce04abac8cee0234448bfd0a67feb6aea22 *Source\NtCall64\minirtl\rtltypes.h
-0320808115d42f04f63a382e8f386aa9bc77ba879892f5ccc94c40378b5131c8 *Source\NtCall64\minirtl\strtou64.c
-f4763588a79859ba8a84e3be35fa1e4b0b8bf95f547a4fee5ae4612978c0787b *Source\NtCall64\minirtl\strtoul.c
-e56e67b10a67f0d5ef4128c7ab0c6cb9ba9966916720525edfa6abf3101dfe13 *Source\NtCall64\minirtl\u64tohex.c
-4d15af5a22467795c5367c3956746d01424795784f62ca3f30e4619c063338a5 *Source\NtCall64\minirtl\u64tostr.c
-f81c975acd016c97776dd3a8e3218e148682b0336ff3fcd77fad6d9b86ddf107 *Source\NtCall64\minirtl\ultohex.c
-9cbedf9b92abaef3ea28de28dd523ac44079592178ef727c7003c339a5a54712 *Source\NtCall64\minirtl\ultostr.c
-c1405b280bacc7566ccd041a74461de3f8496128fd71e39368905cf8d95268f6 *Source\NtCall64\minirtl\_filename.c
-9e3f1386bfb64dbaa3cbb12fd3bf51c734872c2fdf15cf1aaeca52a515767519 *Source\NtCall64\minirtl\_filename.h
-83772aa217508279294d91af5cfabec9b5e00b836a2e2f5fe37cf1ebc2905a52 *Source\NtCall64\minirtl\_strcat.c
-2a67c7690ec6df8e233207116b0e4fe76c02ae43595d9e606e123572b6ac88a1 *Source\NtCall64\minirtl\_strcmp.c
-ef1b18997ea473ac8d516ef60efc64b9175418b8f078e088d783fdaef2544969 *Source\NtCall64\minirtl\_strcmpi.c
-969b35213fa23ff50a169e5498a97f28bc6f5820b447b78ec9dc6910dd8cc3e8 *Source\NtCall64\minirtl\_strcpy.c
-27159b8ff67d3f8e6c7fdb4b57b9f57f899bdfedf92cf10276269245c6f4e066 *Source\NtCall64\minirtl\_strend.c
-60f19c6b805801e13824c4d9d44748da8245cd936971411d3d36b873121888eb *Source\NtCall64\minirtl\_strlen.c
-97e0720ed22d2d99e8148aab7ab2cb2cc3df278225669828b2d8d4d9ef856d94 *Source\NtCall64\minirtl\_strncmp.c
-0434d69daa20fbf87d829ffc17e43dcc2db3386aff434af888011fdec2f645a4 *Source\NtCall64\minirtl\_strncpy.c
+83a3c4632f0f685a56a5c0c54531eba10f32533c74590a011efe439c8a13d83e *Compiled\badcalls.ini
+aec6ca2f29b1c474ea1aa8e9a620a557be4391aa951ce35fcc98f45788cf8182 *Compiled\NtCall64.exe

README.md

@@ -20,6 +20,7 @@ NTCALL64 -help[-win32k][-log][-call Id][-pc Value][-wt Value][-s]
 * -call Id   - fuzz syscall by supplied id (id can be from any table ntos/win32k);
 * -pc Value  - set pass count for each syscall (maximum value is limited to ULONG64 max value), default value 65536;
 * -wt Value  - set wait timeout for calling threads in seconds (except single syscall fuzzing), default value is 30;
+* -start Id  - Fuzz syscall table starting from given syscall id, mutual exclusive with -call;
 * -s         - Attempt to run program from LocalSystem account.
 
 
@@ -62,6 +63,7 @@ Example of badcalls.ini (default config shipped with program)
 
 <pre>[ntos]
 NtClose
+NtInitiatePowerAction
 NtRaiseHardError
 NtReleaseKeyedEvent
 NtPropagationComplete
@@ -98,6 +100,7 @@ This program may crash the operation system, affect it stability, which may resu
 * [win32k!NtUserCreateActivationObject](https://gist.githubusercontent.com/hfiref0x/23a2331588e7765664f50cac26cf0637/raw/49457ef5e30049b6b4ca392e489aaceaafe2b280/NtUserCreateActivationObject.cpp)
 * [win32k!NtUserOpenDesktop](https://gist.githubusercontent.com/hfiref0x/6e726b352da7642fc5b84bf6ebce0007/raw/8df05220f194da4980f401e15a0efdb7694deb26/NtUserOpenDesktop.c)
 * [win32k!NtUserSetWindowsHookEx](https://gist.github.com/hfiref0x/8ecfbcc0a7afcc9917cef093ef3a18b2)
+* [win32k!NtUserInitialize -> win32kbase!Win32kBaseUserInitialize] (https://gist.github.com/hfiref0x/f731e690e6155c6763b801ce0e497db7)
 * [nt!NtLoadEnclaveData](https://gist.githubusercontent.com/hfiref0x/1ac328a8e73d053012e02955d38e36a8/raw/b26174f8b7b68506d62308ce4327dfc573b8aa26/main.c)
 * [nt!NtCreateIoRing](https://gist.github.com/hfiref0x/bd6365a7cfa881da0e9c9e7a917a051b)
 * [nt!NtQueryInformationCpuPartition](https://gist.github.com/hfiref0x/48bdc12241d0a981a6da473e979c8aff)
@@ -106,13 +109,11 @@ This program may crash the operation system, affect it stability, which may resu
 # Build
 
 NTCALL64 comes with full source code written in C with tiny assembler usage.
-In order to build from source you need Microsoft Visual Studio 2015 and later versions.
+In order to build from source you need Microsoft Visual Studio 2017 and later versions.
 
 ## Instructions
 
 * Select Platform ToolSet first for project in solution you want to build (Project->Properties->General): 
-  * v120 for Visual Studio 2013;
-  * v140 for Visual Studio 2015; 
   * v141 for Visual Studio 2017;
   * v142 for Visual Studio 2019;
   * v143 for Visual Studio 2022.
@@ -123,6 +124,6 @@ In order to build from source you need Microsoft Visual Studio 2015 and later ve
 
 # Authors
 
-(c) 2016 - 2022 NTCALL64 Project
+(c) 2016 - 2023 NTCALL64 Project
 
 Original NtCall by Peter Kosyh aka Gloomy (c) 2001, http://gl00my.chat.ru/