no slot for function (reduce number of Win32 APIs called)

[AlexsanderShaw]

Hi, i got the this issue:

And then, how can i fix this?

[kapiushion]

The limit Of Win32 API Calls is 32 by default In Cobalt Strike, I am trying to rewrite some of the functions using Dynamic APIs, and not using the Win Api From Cobalt Strike Format, In total Right now No-Consolation is calling 34 win32 APIs In Cobalt Stike Format, We need at least to get rid of 2 API Calls, and do it Dinamically to make it work; for the moment the code that I update, does not throw the error but crashes the process, so is not working yet; I tried with some of the replacements of the Nt calls using Indirect Syscalls, but that is what seems to be crashing it, I will try different variations till I get it working if I get it done, I will submit a pull request.

[S4ntiagoP]

hey there, this is a limitation on the BOF loader of CS. The max number of APIs is a limitation that is likely to be addressed soon, so I won't "fix" this. I will leave this open until CS removes this limitation tho.