Created
November 15, 2023 08:45
-
-
Save un4ckn0wl3z/d7bcac6fd2c66cfbe35ae2180bc26755 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma warning(disable: 4996) | |
| #include <ntddk.h> | |
| void DriverCleanup(PDRIVER_OBJECT DriverObject); | |
| PVOID someAllocation; | |
| extern "C" | |
| NTSTATUS | |
| DriverEntry( | |
| _In_ PDRIVER_OBJECT DriverObject, | |
| _In_ PUNICODE_STRING RegistryPath) | |
| { | |
| UNREFERENCED_PARAMETER(RegistryPath); | |
| DbgPrint("[+] Hello from FirstDriver DriverEntry\n"); | |
| DriverObject->DriverUnload = DriverCleanup; | |
| someAllocation = ExAllocatePoolWithTag( | |
| PagedPool, | |
| 1024, | |
| 'TAG1'); | |
| DbgPrint("[+] Memory allocated at 0x%08p", someAllocation); | |
| return STATUS_SUCCESS; | |
| } | |
| void | |
| DriverCleanup( | |
| PDRIVER_OBJECT DriverObject | |
| ) | |
| { | |
| UNREFERENCED_PARAMETER(DriverObject); | |
| DbgPrint("[+] Hello from FirstDriver DriverUnload\n"); | |
| DbgPrint("[+] Freeing memory at 0x%08p", someAllocation); | |
| ExFreePoolWithTag( | |
| someAllocation, | |
| 'TAG1'); | |
| DbgPrint("[+] Memory freed\n"); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment