@sasqwatch
Created February 1, 2021 20:04
#include <windows.h>
#include <ntstatus.h>
#include <winternl.h>
#include <stdio.h>
/*
 * In/out buffer handed to NtQueryInformationProcess by WinMain below.
 * The caller fills in the first word to select which mitigation policy is
 * being asked about; the second word is read back after the call as the
 * policy's flag bits.
 */
typedef struct
{
    ULONG ExtendedInfoClass;         /* in:  policy selector written before the query */
    ULONG ExtendedInfoClassResponse; /* out: flag word inspected after the query      */
} __attribute__((packed)) MITIGATION_POLICY, *PMITIGATION_POLICY;
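/*
 * Entry point: queries the Control Flow Guard (CFG) mitigation policy of the
 * current process through NtQueryInformationProcess and prints whether it is
 * enabled.
 *
 * The original call selected the information class with
 * `ProcessCookie | ProcessUserModeIOPL`. Those enumerators are 36 and 16, so
 * the expression is just an indirect spelling of 52, the process mitigation
 * policy information class. The value is named explicitly here so that the
 * call reads as what it is.
 *
 * The result describes the process-wide policy only.
 * NOTE(review): whether individual loaded modules were built with CFG
 * metadata is a separate question this query does not answer -- confirm
 * before using the output as a hardening verdict.
 *
 * Parameters a, b, c, d are the standard WinMain arguments and are unused.
 *
 * Returns 0 when the policy was queried, 1 when the query failed.
 */
INT WINAPI WinMain( HINSTANCE a, HINSTANCE b, LPSTR c, INT d )
{
    enum {
        /* Information class 52: process mitigation policy. */
        INFOCLASS_PROCESS_MITIGATION_POLICY = 52,
        /* Bit 0 of the CFG policy flags is the "CFG enabled" bit; the
         * remaining bits are modifiers (export suppression, strict mode, ...)
         * and must not on their own be reported as "enabled". */
        CFG_FLAG_ENABLED = 0x1
    };

    MITIGATION_POLICY Policy = { 0 };
    NTSTATUS Status;

    (void)a;
    (void)b;
    (void)c;
    (void)d;

    /* Select the CFG policy; the response word stays zero from the initializer. */
    Policy.ExtendedInfoClass = ProcessControlFlowGuardPolicy;

    Status = NtQueryInformationProcess(
        GetCurrentProcess( ),
        (PROCESSINFOCLASS)INFOCLASS_PROCESS_MITIGATION_POLICY,
        &Policy,
        sizeof( Policy ),
        NULL
    );

    /* A failed query must not be mistaken for "nothing to report": surface
     * the status instead of exiting silently with success. */
    if ( !NT_SUCCESS( Status ) ) {
        fprintf( stderr, "[!] NtQueryInformationProcess failed: 0x%08lX\n",
                 (unsigned long)Status );
        return 1;
    }

    if ( Policy.ExtendedInfoClassResponse & CFG_FLAG_ENABLED ) {
        printf("[ ] Control Flow Guard Policy Enabled\n");
    } else {
        printf("[ ] Control Flow Guard Policy Disabled\n");
    }

    return 0;
}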