Skip to content

Instantly share code, notes, and snippets.

View responder_comdata.txt
This file has been truncated, but you can view the full file.
{0000031A-0000-0000-C000-000000000046}: CLSID
{0000002F-0000-0000-C000-000000000046}: CLSID CLSID_RecordInfo
{00000100-0000-0010-8000-00AA006D2EA4}: CLSID DAO.DBEngine.36
{00000101-0000-0010-8000-00AA006D2EA4}: CLSID DAO.PrivateDBEngine.36
{00000103-0000-0010-8000-00AA006D2EA4}: CLSID DAO.TableDef.36
{00000104-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Field.36
{00000105-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Index.36
{00000106-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Group.36
{00000107-0000-0010-8000-00AA006D2EA4}: CLSID DAO.User.36
View entech_new.c
#include <windows.h>
#include <cstdio>
#include "ntos.h"
#define WINIO_DEVICE_TYPE (DWORD)0x8010
#define WINIO_READMSR (DWORD)0x816
#define IOCTL_WINIO_READMSR \
CTL_CODE(WINIO_DEVICE_TYPE, WINIO_READMSR, METHOD_BUFFERED, FILE_ANY_ACCESS)
View GLCKIo2.c
#include "ntos.h"
#define GLCKIO_DEVICE_TYPE (DWORD)0x8010 //same as WinIO/MsIo and all clones based on this bugfest code
#define GLCKIO_REGISTER_FUNCID (DWORD)0x818
#define GLCKIO_READMSR (DWORD)0x816
#define IOCTL_GKCKIO_REGISTER \
CTL_CODE(GLCKIO_DEVICE_TYPE, GLCKIO_REGISTER_FUNCID, METHOD_BUFFERED, FILE_ANY_ACCESS)
View MaxBSOD.c
int main()
{
HANDLE deviceHandle = CreateFile(TEXT("\\\\.\\MaxProc64"),
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
OPEN_EXISTING,
0,
NULL);
View maxproc64.c
__int64 __fastcall DrvDispatch(PDEVICE_OBJECT DeviceObject, _IRP *Irp)
{
_IO_STACK_LOCATION *StackLocation;
_IRP *_Irp;
__int64 Id;
StackLocation = Irp->Tail.Overlay.CurrentStackLocation;
_Irp = Irp;
switch ( StackLocation->Parameters.DeviceIoControl.IoControlCode )
{
View handleopen.c
NTSTATUS HandleOpen(PDEVICE_OBJECT DeviceObject, IRP *Irp)
{
NTSTATUS ntStatus;
BOOL bAllowed;
PIO_SECURITY_CONTEXT SecurityContext;
PACCESS_STATE AccessState;
PACCESS_TOKEN Token;
DWORD IsTokenElevated;
DWORD tokenIntegrityLevel;
PTOKEN_ELEVATION tokenElevation;
View gist:9c3120f630241304699ecd7d93446d5f
#define BITLOCKER_SIGNATURE "-FVE-FS-"
#define BITLOCKER_SIGNATURE_SIZE sizeof(BITLOCKER_SIGNATURE)
#pragma pack(push,1)
typedef struct _FVEFS_BOOT_RECORD {
BYTE JumpCode[3]; //+0x0
BYTE Signature[8]; //+0x3
WORD SectorSize; //+0xB
BYTE SectorsPerCluster; //+0xD
WORD ReservedClusters; //+0xE
@hfiref0x
hfiref0x / SecureAPlus.c
Created Feb 28, 2020
SecureAPlus driver DoS
View SecureAPlus.c
#pragma warning(disable: 4005)
#include <windows.h>
#include <strsafe.h>
#include <ntstatus.h>
#include "ntos.h"
NTSTATUS CallDriver(
_In_ HANDLE DeviceHandle,
_In_ ULONG IoControlCode,
@hfiref0x
hfiref0x / wr0_demo2.c
Created Jan 29, 2020
EVGA PrecisionX OC 6.2.7 wormhole driver
View wr0_demo2.c
#include <windows.h>
#include <cstdio>
#define DEVICE_WR0_TYPE 40000
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")
HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;
#define IOCTL_WR0_READ_MSR CTL_CODE(DEVICE_WR0_TYPE, 0x821, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_WR0_WRITE_MSR CTL_CODE(DEVICE_WR0_TYPE, 0x822, METHOD_BUFFERED, FILE_ANY_ACCESS)
@hfiref0x
hfiref0x / wr0_demo1.c
Created Jan 29, 2020
EVGA PrecisionX OC 6.2.7 wormhole driver
View wr0_demo1.c
#include <windows.h>
#include <cstdio>
#define DEVICE_WR0_TYPE 40000
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")
HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;
//
// Port mapped I/O access IOCTLS.