Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 08:35:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update EDRSandblast_API.c - MiniFilter Callbacks not restored

Browse Source 
The wrong function is called.
This commit is contained in:
Rafael Scheel
2024-06-23 21:30:01 +02:00
committed by Maxime Meignan
parent c0ae62ac1d
commit 0710fad92d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
EDRSandblast_StaticLibrary/EDRSandblast_API.c
+1 -1
View File
@@ -425,7 +425,7 @@ EDRSB_STATUS Krnlmode_RestoreAllMonitoring(_In_ EDRSB_CONTEXT* ctx) {
if (!ctx->config->actions.DontRestoreCallBacks && ctx->foundMinifilterCallbacks) {
_putts_or_not(TEXT("[+] Restoring EDR's minifilter callbacks..."));
EnableEDRProcessAndThreadObjectsCallbacks(ctx->foundEDRDrivers);
RestoreEDRMinifilterCallbacks(ctx->foundEDRDrivers);
}
// Renable the ETW Threat Intel provider.