diff options
| author | segfault <toni@impl.cc> | 2020-10-11 10:01:32 -0700 |
|---|---|---|
| committer | segfault <toni@impl.cc> | 2020-10-11 10:01:32 -0700 |
| commit | 780127138ef45e4e0baee5a8616bd5c335f5ebe6 (patch) | |
| tree | c9fe918868e59b3bdeeabb3c0533cf0a79465fda | |
| parent | d00677ccf8eb4029009dccac0f3102b87b230634 (diff) | |
Added simple x86_64-ASM source to get the current IP.
| -rw-r--r-- | KMemDriver/KMemDriver.c | 5 | ||||
| -rw-r--r-- | KMemDriver/KMemDriver.vcxproj | 5 | ||||
| -rw-r--r-- | KMemDriver/KMemDriver.vcxproj.filters | 5 | ||||
| -rw-r--r-- | KMemDriver/Utils.asm | 11 |
4 files changed, 25 insertions, 1 deletions
diff --git a/KMemDriver/KMemDriver.c b/KMemDriver/KMemDriver.c index 741f932..3865b67 100644 --- a/KMemDriver/KMemDriver.c +++ b/KMemDriver/KMemDriver.c @@ -26,6 +26,8 @@ #define WAIT_OBJECT_0 ((STATUS_WAIT_0 ) + 0 ) +extern PVOID getCurrentRIP(void); + DRIVER_INITIALIZE DriverEntry; #pragma alloc_text(INIT, DriverEntry) void OnImageLoad( @@ -184,7 +186,6 @@ NTSTATUS DriverEntry( return status; } - FNZERO(DriverEntry); return status; } @@ -195,6 +196,8 @@ NTSTATUS WaitForControlProcess(OUT PEPROCESS *ppEProcess) if (!ppEProcess) return STATUS_INVALID_ADDRESS; + KDBG("CurrentRIP: %p\n", getCurrentRIP()); + imageBase = NULL; ctrlPID = NULL; diff --git a/KMemDriver/KMemDriver.vcxproj b/KMemDriver/KMemDriver.vcxproj index 5264a6f..0c97b63 100644 --- a/KMemDriver/KMemDriver.vcxproj +++ b/KMemDriver/KMemDriver.vcxproj @@ -182,6 +182,11 @@ <ClInclude Include="Imports.h" /> <ClInclude Include="Native.h" /> </ItemGroup> + <ItemGroup> + <MASM Include="Utils.asm"> + <GenerateDebugInformation Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</GenerateDebugInformation> + </MASM> + </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> </ImportGroup> diff --git a/KMemDriver/KMemDriver.vcxproj.filters b/KMemDriver/KMemDriver.vcxproj.filters index e69aafd..ff05a79 100644 --- a/KMemDriver/KMemDriver.vcxproj.filters +++ b/KMemDriver/KMemDriver.vcxproj.filters @@ -32,4 +32,9 @@ <Filter>Source Files</Filter> </ClCompile> </ItemGroup> + <ItemGroup> + <MASM Include="Utils.asm"> + <Filter>Source Files</Filter> + </MASM> + </ItemGroup> </Project>
\ No newline at end of file diff --git a/KMemDriver/Utils.asm b/KMemDriver/Utils.asm new file mode 100644 index 0000000..d95a64e --- /dev/null +++ b/KMemDriver/Utils.asm @@ -0,0 +1,11 @@ +PUBLIC getCurrentRIP + +.code _text + +getCurrentRIP PROC PUBLIC +pop rax +push rax +ret +getCurrentRIP ENDP + +END
\ No newline at end of file |