Idk how much I've been learning with your videos. Divvying into the low level world tells me that I should not have started with JavaScript. I'm studying C and your videos are helping me so much. Thank you!
Very interesting. I would love to see a video (if it's even possible) about what happens in the actual syscall. Like the code that's executed in kernel mode. Maybe in windows that'll probably be harder than Windows, but yeah. Just a suggestion.
Thanks! That is a good idea for a future video, it is possible by kernel debugging or taking a look at the source code of ReactOS to get an idea of how it may be implemented.
Very interesting content. Keep up the good work! How did you set up multiple desktops in Windows? It looks very linux-like. (Maybe it is Windows running as a VM under linux?)
@@leviatan3759 also showing xorg applications in windows shell is something only wsl has pulled off till now AFAIK, you'd need to vnc to use a xorg server.
nothing, he's obviously flexing that he knows assembly, that's about it. Always use cross platform libraries and abstractions if possible. You rarely develop for windows only.
Very few, but it is in theory more efficient than going through the Win32 abstraction layer. NT file functions in particular, there's a performance benefit if you use native NT paths over DOS paths, where Win32 has to call RtlDosPathNameToNtPathName (but now your paths look like \??\X:\ABC\DEF). Also you need to use NT Native if you run before Win32 is initialised - for instance CSRSS.exe implements Win32 stuff, so has to use NTAPI. Also there are a couple of functions that are only accessible that way - for example if you call NtRaiseHardError correctly, you can blue screen the machine (it doesn't even prompt for UAC elevation, but you need shutdown privs).
@@AmaroqStarwind Thing is, while it would in theory be possible, it would be needlessly difficult. For game programming the efficiency of DirectX is hard to beat, and you now can't call D3D11CreateDevice(), as that's in D3D11.dll, and it calls into functions like LoadLibrary(). I think you'd basically end up reimplementing at least a substantial portion of the User mode DirectX infrastructure. Also, of course, linking to NTAPI directly almost immediately breaks compatibility with Windows 9x, which while it isn't a huge deal these days, is where the Win32 API came from. But it shows that you can implement the same API on an entirely different kernel, whereas if you link to NT you're tying yourself to an internal interface to the NT kernel. A more feasible challenge would be to write a DirectX game in assembly.
One thing I always have wondered about is how one could make a simple program that doesn't need runtime (vcruntime) in order for making a simple standalone installer. Also while on the topic of runtime, could one make your own C runtime instead of vcruntime? I mean like implementing your own version of strcpy(), malloc() etc. Also what about LoadLibrary()? I have seen by someone that did make minimalistic C without C runtime but that person didn't show how to be able to call the LoadLibrary(). Hopefully things makes sense but these questions have so far eluded me as I see it could be useful for game development and small utility programs. It would be handy to just drop a standalone exe-file in whatever Windows environment without worrying about runtimes.
Windows environments always come with the basic DLLs since they are also required for many Windows components as well. LoadLibrary comes from kernel32.dll so to use this in your program you will have to tell the linker to link to kernel32.lib (like I did in the video). Generally, you could just link to all the DLL libs you need and then you won't need to call LoadLibrary at runtime to load the DLLs since the Windows loader will load the DLLs for you before starting your program. About adding a C Runtime, you have a couple of options you could either just link statically with the CRT (and then you won't depend on a DLL at all and your program will contain the CRT code built in) or if you want to use a DLL instead and be agnostic to Windows version you could consider using CRTDLL which comes built in with Windows NTs as explained over here: learn.microsoft.com/en-us/troubleshoot/developer/visualstudio/cpp/libraries/use-c-run-time
@@xfxpositions it really shouldn't be too hard to make, all you've got to change is some utility function implementation from xorg to win32 (I think user32.dll provides reasonable window management functions) cus the dwm codebase as it stands is incredibly high level and dependent on those utils. With that said, the bar seems like a challenge, HDC in win32 is a joke and handling it in C would require a lot of Ugly Structs. But it definitely is possible.
@theSoberSobber indeed the port uses a lot of USER32 functions including a function that listens for newly created windows, by HDC do you mean handle for device context?
There's a barebones guide on osdev wiki where you can do whatever you want afterwards. Shit's complicated as hell though and there's a lot of reading to go through. I tried it a year ago and only got some pretty ASCII art to display on boot.
Yes. But it's extremely limited. The second Microsoft updates Windows kernel to have a diferent ID for the syscall ure using, ur program will either break from calling some other kernel function wrongly, or just segfault
That's a good question I should have made it more clear in the video, on the current video I am writing x64 Assembly and on my previous Windows assembly videos I wrote x86 assembly, the code and the calls look a little different due to the different calling conventions and use of x64 versions of Windows DLLs instead of x86
Learning about what happens in the lower level also helps with understanding more deeply and solving problems better when doing high level programming :)
Idk how much I've been learning with your videos. Divvying into the low level world tells me that I should not have started with JavaScript. I'm studying C and your videos are helping me so much. Thank you!
This is the content i need, your channel is perfect
Excellent tutorial. Would love to see more Windows related content.
Very interesting, I didn't expect to see it in assembly but it's even better.
This was very interesting and easy to follow thanks!
Very interesting. I would love to see a video (if it's even possible) about what happens in the actual syscall. Like the code that's executed in kernel mode. Maybe in windows that'll probably be harder than Windows, but yeah. Just a suggestion.
Thanks! That is a good idea for a future video, it is possible by kernel debugging or taking a look at the source code of ReactOS to get an idea of how it may be implemented.
Very interesting content. Keep up the good work! How did you set up multiple desktops in Windows? It looks very linux-like. (Maybe it is Windows running as a VM under linux?)
I wonder samething maybe it is x server on windows + dwm
@@leviatan3759 a Xserver will never be able to manage windows that are win32 and not xorg based, this is 100% a windows native implementation.
@@leviatan3759 also showing xorg applications in windows shell is something only wsl has pulled off till now AFAIK, you'd need to vnc to use a xorg server.
Thanks! I am using a port of Suckless dwm for Windows called dwm-win32, more info on the vid about my setup :)
it's the dwm port for windows. I believes he's also using wsl
What theoretical advantages are there to using the Native API when it's not actually required?
nothing, he's obviously flexing that he knows assembly, that's about it. Always use cross platform libraries and abstractions if possible. You rarely develop for windows only.
Very few, but it is in theory more efficient than going through the Win32 abstraction layer. NT file functions in particular, there's a performance benefit if you use native NT paths over DOS paths, where Win32 has to call RtlDosPathNameToNtPathName (but now your paths look like \??\X:\ABC\DEF). Also you need to use NT Native if you run before Win32 is initialised - for instance CSRSS.exe implements Win32 stuff, so has to use NTAPI.
Also there are a couple of functions that are only accessible that way - for example if you call NtRaiseHardError correctly, you can blue screen the machine (it doesn't even prompt for UAC elevation, but you need shutdown privs).
@@nathanielcleland6566 Wow… I almost want to make a game using NT calls just to flex…
@@AmaroqStarwind Thing is, while it would in theory be possible, it would be needlessly difficult. For game programming the efficiency of DirectX is hard to beat, and you now can't call D3D11CreateDevice(), as that's in D3D11.dll, and it calls into functions like LoadLibrary(). I think you'd basically end up reimplementing at least a substantial portion of the User mode DirectX infrastructure.
Also, of course, linking to NTAPI directly almost immediately breaks compatibility with Windows 9x, which while it isn't a huge deal these days, is where the Win32 API came from. But it shows that you can implement the same API on an entirely different kernel, whereas if you link to NT you're tying yourself to an internal interface to the NT kernel.
A more feasible challenge would be to write a DirectX game in assembly.
Loads of Advantages when it comes to malware especially when typically most edr’s hook win32 api functions, calling native api can bypass this
One thing I always have wondered about is how one could make a simple program that doesn't need runtime (vcruntime) in order for making a simple standalone installer. Also while on the topic of runtime, could one make your own C runtime instead of vcruntime? I mean like implementing your own version of strcpy(), malloc() etc. Also what about LoadLibrary()? I have seen by someone that did make minimalistic C without C runtime but that person didn't show how to be able to call the LoadLibrary(). Hopefully things makes sense but these questions have so far eluded me as I see it could be useful for game development and small utility programs. It would be handy to just drop a standalone exe-file in whatever Windows environment without worrying about runtimes.
Windows environments always come with the basic DLLs since they are also required for many Windows components as well. LoadLibrary comes from kernel32.dll so to use this in your program you will have to tell the linker to link to kernel32.lib (like I did in the video). Generally, you could just link to all the DLL libs you need and then you won't need to call LoadLibrary at runtime to load the DLLs since the Windows loader will load the DLLs for you before starting your program.
About adding a C Runtime, you have a couple of options you could either just link statically with the CRT (and then you won't depend on a DLL at all and your program will contain the CRT code built in) or if you want to use a DLL instead and be agnostic to Windows version you could consider using CRTDLL which comes built in with Windows NTs as explained over here: learn.microsoft.com/en-us/troubleshoot/developer/visualstudio/cpp/libraries/use-c-run-time
You can made libc-less windows executable but portable with this NtCurrentPeb()->Ldr->InLoadOrderModuleList.Flink->Flink
What's the advantages of native API over windows API?
Win32 API is just wrapper to Native API
Thanks a lot man, ❤
bro, why your windows became like a window manager?
In this video I used dwm-win32, but I have since stopped using it due to bugs, and I am now using the one I am working on called LightWM :)
What's your window manager?
a port of dwm in windows
@@ezz3664 is it possible?
@@xfxpositions it really shouldn't be too hard to make, all you've got to change is some utility function implementation from xorg to win32 (I think user32.dll provides reasonable window management functions) cus the dwm codebase as it stands is incredibly high level and dependent on those utils. With that said, the bar seems like a challenge, HDC in win32 is a joke and handling it in C would require a lot of Ugly Structs. But it definitely is possible.
I indeed use a port of Suckless dwm for Windows called dwm-win32, more info on the vid about my setup :)
@theSoberSobber indeed the port uses a lot of USER32 functions including a function that listens for newly created windows, by HDC do you mean handle for device context?
Where could this knowledge be used for example?
🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥
Please show us howto build driver for pci e video card
More driver videos are planned, including one that talks about PCI :)
Can you make a video on how to make a os using C or C++
There's a barebones guide on osdev wiki where you can do whatever you want afterwards. Shit's complicated as hell though and there's a lot of reading to go through. I tried it a year ago and only got some pretty ASCII art to display on boot.
I plan on making more videos in the spirit of my video about making a bootloader :)
nice
Could you just do the syscall yourself and not need to link ntdll
Yes. But it's extremely limited. The second Microsoft updates Windows kernel to have a diferent ID for the syscall ure using, ur program will either break from calling some other kernel function wrongly, or just segfault
Can you explain why the way you call the Windows API differs so much from, say, in this video: th-cam.com/video/1-MFeA3TyJk/w-d-xo.html
That's a good question I should have made it more clear in the video, on the current video I am writing x64 Assembly and on my previous Windows assembly videos I wrote x86 assembly, the code and the calls look a little different due to the different calling conventions and use of x64 versions of Windows DLLs instead of x86
Thanks, this is called programming. otherwise, we are doing all high-level bullshit.
Learning about what happens in the lower level also helps with understanding more deeply and solving problems better when doing high level programming :)
o/
great tutorial
Super interesting!!
Thanks Bro! Cool to see you here in the comments section :)