Foro de elhacker.net

Hello,

i have th following declaration of RtlGetNtVersionNumber:


and using like this:

 
Dim OsBuild As Integer
Dim MaN As Long, MiN As Long
Dim FilePath As String
 
Call RtlGetNtVersionNumber(MaN, MiN, OsBuild)
Select Case OsBuild
    Case 2600
        FilePath = "\WinXPSssdt.txt"
    Case 3750
        FilePath = "\Win2k3x86Sssdt.txt"
    Case 6000
        FilePath = "\VistaX86Sssdt.txt"
    Case 7600
        FilePath = "\Win7x86Sssdt.txt"
    Case 9200
        FilePath = "\Win8x86Sssdt.txt"
    Case 9600
        FilePath = "\Win81x86Sssdt.txt"
    Case 10240
        FilePath = "\Win10Th1x86Sssdt.txt"
    Case 10586
        FilePath = "\Win10Th2x86Sssdt.txt"
    Case Else
        MsgBox "Current System is not supported", vbExclamation, "Error": End
End Select
 

but i'm getting this error saying:

"Can't find DLL entry point RtlGetNtVersionNumber in ntdll.dll"

some idea how solve?

thank you by any suggestion.

Hi.

The error message its self-explanatory, it doesn't exists any exported function with the name "RtlGetNtVersionNumber" in the dll that you are trying to import, in other words: that function name doesn't exists (at least as an export) inside of your specific version of the ntdll.dll file.

Anyways the Windows API function names that starts with "Rtl*" are system reserved (and may be unavailable in newer versions of the operating system), mostly not documented because those functions are not intended to be used by the end-user.

To retrieve the build number of the current O.S you could use GetVersion function instead, or GetVersionEx function + OSVERSIONINFO structure:

• GetVersion function | MSDN (https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx)
• GetVersionEx function | MSDN (https://msdn.microsoft.com/en-us/library/windows/desktop/ms724451(v=vs.85).aspx)
• OSVERSIONINFO structure | MSDN (https://msdn.microsoft.com/en-us/library/windows/desktop/ms724834(v=vs.85).aspx)

Once said this, be aware that if your purpose is to determine which is the current release (NT) version of Windows, then your code is wrong because you are just checking the build number, then it will not determine a Windows NT version properly, instead it just will accept the build numbers that you are handling and it will fail producing the error messagebox that you have specified in your code for any other build number that is not handled. That is not the way to do it, you must evaluate only the major and minor version numbers (wich both in conjunction defines the value to determine Windows version), not the build/compilation number.

For a reference of the Windows NT versioning, read this:

• List of Microsoft Windows versions | Wikipedia (https://en.wikipedia.org/wiki/List_of_Microsoft_Windows_versions)

Also take into account that you could simplify the job by replacing all your Select Case for a Select case that evaluates the value returned by the operating system's version helper (boolean) functions:

• Version Helper functions | MSDN (https://msdn.microsoft.com/es-es/library/windows/desktop/dn424972(v=vs.85).aspx)

...from recent Windows version to least recent.

PS: Finally, ensure to don't miss in the MSDN articles the Windows 10 version checking warnings when using GetVersionEx/GetVersion or IsWindows10OrGreater functions if you want to prevent false positives.

Regards.

Elektro, thank you very much.