nefarius/Domito
1
0
Fork 0
Code Issues Activity

Bugfix

Browse Source
This commit is contained in:
Benjamin Höglinger-Stelzer 2023-07-03 00:55:51 +02:00
parent f1ac78134e
commit 1e7e4007de
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/Domito.cpp
View File

@ -27,6 +27,15 @@ _IRQL_requires_max_(PASSIVE_LEVEL)
NTSTATUS
DomitoInit()
{
//
// Do those first since the follow-up code depends on them
//
G_Common.ZwQueryInformationProcess =
(t_ZwQueryInformationProcess)MmGetSystemRoutineAddress((PUNICODE_STRING)&G_QipRoutineName);
G_Common.RtlImageDirectoryEntryToData =
(t_RtlImageDirectoryEntryToData)MmGetSystemRoutineAddress((PUNICODE_STRING)&G_IdetdRoutineName);
const STRING ciModuleName = RTL_CONSTANT_STRING("\\SystemRoot\\system32\\CI.dll");
PVOID driverBaseAddress = NULL, functionAddress = NULL;
@ -62,12 +71,7 @@ DomitoInit()
G_CI.CiValidateFileObject = (t_CiValidateFileObject)functionAddress;
}
}
G_Common.ZwQueryInformationProcess =
(t_ZwQueryInformationProcess)MmGetSystemRoutineAddress((PUNICODE_STRING)&G_QipRoutineName);
G_Common.RtlImageDirectoryEntryToData =
(t_RtlImageDirectoryEntryToData)MmGetSystemRoutineAddress((PUNICODE_STRING)&G_IdetdRoutineName);
return STATUS_SUCCESS; // TODO: unused currently
}