Hello team,

I have problems when I run the nanodump.x64.exe directly on a Windows Server 2012 R2 (in a powershell). Unfortunately there is no output or any error message at all. In general it looks like this:

PS C:\users\public> .\n64.exe --write test1.docx
PS C:\users\public>

PS C:\users\public> .\n64.exe --write test2.docx --fork
PS C:\users\public>

PS C:\users\public> .\n64.exe --write test3.docx --snapshot
PS C:\users\public>

Nothing is done or written to the hard disk. Tested the same behavior on multiple Windows Server 2012 R2 with the same result. Have you ever noticed such behavior?

Example system version:

OS Name:                   Microsoft Windows Server 2012 R2 Standard
OS Version:                6.3.9600 N/A Build 9600

Thanks in advance for the support and also for the really cool tool :)

Thank you for the detailed explanation.
I will look into this whenever I have time, in the meanwhile, you can compile a debug version of nanodump like so:

make debug -f Makefile.mingw

You can try to run the debug build and see if you get an error message.

Ok, this is now fixed here: a73f61e

The issue was in the direct syscall implementation, the ntdll dll from windows server 2012 was different from windows 10.

Thanks a lot for reporting! 😄

it now works like a charm. Thanks a lot :)

Same issue on Server 2008 R2

hey @jas594, I will take a look

I think it should be fixed on the latest commit: 2c0b3d5
Let me know if you are still having issues,
thanks for reporting!

Thanks!