From ea105e2f9790ca7f3d1b7d604aaa5c7b5f29a184 Mon Sep 17 00:00:00 2001
From: segfault <toni@impl.cc>
Date: Mon, 12 Oct 2020 11:28:33 -0700
Subject: Added Crypto function bodies, renamed ASM fn to get next RIP after
 return and improved CRYPTO_* macros.

---
 KMemDriver/KMemDriver.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'KMemDriver/KMemDriver.c')

diff --git a/KMemDriver/KMemDriver.c b/KMemDriver/KMemDriver.c
index 921ab0f..db865d1 100644
--- a/KMemDriver/KMemDriver.c
+++ b/KMemDriver/KMemDriver.c
@@ -27,8 +27,6 @@
 
 #define WAIT_OBJECT_0 ((STATUS_WAIT_0 ) + 0 )
 
-extern PVOID getCurrentRIP(void);
-
 DRIVER_INITIALIZE DriverEntry;
 #pragma alloc_text(INIT, DriverEntry)
 void OnImageLoad(
@@ -165,6 +163,7 @@ NTSTATUS DriverEntry(
 	_In_  PUNICODE_STRING RegistryPath
 )
 {
+	CryptoInit(CRYPTO_FNPTR(DriverEntry), NULL);
 	CRYPT_PROLOGUE();
 	NTSTATUS status;
 	HANDLE hThread = NULL;
@@ -175,6 +174,7 @@ NTSTATUS DriverEntry(
 	UNREFERENCED_PARAMETER(RegistryPath);
 
 	KDBG("Driver Loaded\n");
+
 	if (!DriverObject && RegistryPath) {
 		/* assume that we are manual mapped by PastDSE */
 		mmapedBase = RegistryPath;
@@ -198,8 +198,6 @@ NTSTATUS WaitForControlProcess(OUT PEPROCESS *ppEProcess)
 	if (!ppEProcess)
 		return STATUS_INVALID_ADDRESS;
 
-	KDBG("CurrentRIP: %p\n", getCurrentRIP());
-
 	imageBase = NULL;
 	ctrlPID = NULL;
 
-- 
cgit v1.2.3