Hey,

I'm having Initialization error 8 when trying to initialize the win context.
It appears that the GetNTBuild function returns 0.
I'm currently on WIN10 ver 2004 build 19041.264

Alright noted down. The current method seems unsustainable, I believe the correct approach would be to parse that from ntoskrnl headers if the information is there. I'll try to fix this tomorrow.

Do you know what would be the correct return value so i could patch the function in the meantime?

19041, of course

But chances are, the offsets have also changed, you may need to fix those up as well

Yeah it gives me segfault when i return this value, there must be something wrong somewhere else

Yes, kernel structure offsets must be out of date. I will get around to fixing it when I get 2004 on my system, but I don't know when.

Is there any progress on this?

This particular issue has been resolved, however, the kernel offsets are still wrong. thus the process list will be incorrect. Someone can submit a PR with conditional offsets added for builds >= 19041 in wintools

Any help as to where i can find/dump these offsets?

Windbg provides a way to print data tables (dt!nt or something like that), the names in wintools, however, are very much shortened, so you would have to guess, or compare with the names at around the same offsets (they rarely change much, but rather by a few multiples of 8 bytes)

Fixed in #32