{0000031A-0000-0000-C000-000000000046}: CLSID
{0000002F-0000-0000-C000-000000000046}: CLSID CLSID_RecordInfo
{00000100-0000-0010-8000-00AA006D2EA4}: CLSID DAO.DBEngine.36
{00000101-0000-0010-8000-00AA006D2EA4}: CLSID DAO.PrivateDBEngine.36
{00000103-0000-0010-8000-00AA006D2EA4}: CLSID DAO.TableDef.36
{00000104-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Field.36
{00000105-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Index.36
{00000106-0000-0010-8000-00AA006D2EA4}: CLSID DAO.Group.36
{00000107-0000-0010-8000-00AA006D2EA4}: CLSID DAO.User.36
{00000108-0000-0010-8000-00AA006D2EA4}: CLSID DAO.QueryDef.36
#include <windows.h>
#include <cstdio>
#include "ntos.h"
// Device type field used when building the WinIo control code below.
#define WINIO_DEVICE_TYPE (DWORD)0x8010
// Function number of the read-MSR (model-specific register) request, going by the macro name.
#define WINIO_READMSR (DWORD)0x816
// Control code for the read-MSR request, built with METHOD_BUFFERED and FILE_ANY_ACCESS.
// FILE_ANY_ACCESS means the I/O manager does not require the handle to carry read or
// write access before delivering this IOCTL, so any restriction on who may issue it has
// to come from the device object's ACL or from checks inside the driver itself.
#define IOCTL_WINIO_READMSR \
CTL_CODE(WINIO_DEVICE_TYPE, WINIO_READMSR, METHOD_BUFFERED, FILE_ANY_ACCESS)
#include "ntos.h"
// Device type field used when building the GLCKIO control codes.
#define GLCKIO_DEVICE_TYPE (DWORD)0x8010 //same as WinIO/MsIo and all clones based on this bugfest code
// Function number of the "register" request; what the driver does with it is not visible in this excerpt.
#define GLCKIO_REGISTER_FUNCID (DWORD)0x818
// Function number of the read-MSR (model-specific register) request, going by the macro name.
#define GLCKIO_READMSR (DWORD)0x816
// Control code for the "register" request, built with METHOD_BUFFERED and FILE_ANY_ACCESS.
// FILE_ANY_ACCESS means the I/O manager applies no read/write access requirement to the
// handle, so gating this IOCTL is left to the device ACL and the driver's own checks.
// NOTE(review): the name is spelled GKCKIO while the other macros use GLCKIO; probably a
// typo, kept as is because code outside this excerpt may reference it.
#define IOCTL_GKCKIO_REGISTER \
CTL_CODE(GLCKIO_DEVICE_TYPE, GLCKIO_REGISTER_FUNCID, METHOD_BUFFERED, FILE_ANY_ACCESS)
int main()
{
HANDLE deviceHandle = CreateFile(TEXT("\\\\.\\MaxProc64"),
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
OPEN_EXISTING,
0,
NULL);
__int64 __fastcall DrvDispatch(PDEVICE_OBJECT DeviceObject, _IRP *Irp)
{
_IO_STACK_LOCATION *StackLocation;
_IRP *_Irp;
__int64 Id;
StackLocation = Irp->Tail.Overlay.CurrentStackLocation;
_Irp = Irp;
switch ( StackLocation->Parameters.DeviceIoControl.IoControlCode )
{
NTSTATUS HandleOpen(PDEVICE_OBJECT DeviceObject, IRP *Irp)
{
NTSTATUS ntStatus;
BOOL bAllowed;
PIO_SECURITY_CONTEXT SecurityContext;
PACCESS_STATE AccessState;
PACCESS_TOKEN Token;
DWORD IsTokenElevated;
DWORD tokenIntegrityLevel;
PTOKEN_ELEVATION tokenElevation;
// Signature text expected in a BitLocker (FVE) volume boot record: eight characters.
#define BITLOCKER_SIGNATURE "-FVE-FS-"
// NOTE(review): sizeof on a string literal counts the terminating NUL, so this evaluates
// to 9, while the Signature field of _FVEFS_BOOT_RECORD is BYTE[8]. Confirm that any
// compare or copy using this size against the on-disk field does not touch one byte past
// it; sizeof(BITLOCKER_SIGNATURE) - 1 is the 8-byte length of the text itself.
#define BITLOCKER_SIGNATURE_SIZE sizeof(BITLOCKER_SIGNATURE)
#pragma pack(push,1)
typedef struct _FVEFS_BOOT_RECORD {
BYTE JumpCode[3]; //+0x0
BYTE Signature[8]; //+0x3
WORD SectorSize; //+0xB
BYTE SectorsPerCluster; //+0xD
WORD ReservedClusters; //+0xE
hfiref0x / SecureAPlus.c
Created February 28, 2020 05:45
SecureAPlus driver DoS
#pragma warning(disable: 4005)
#include <windows.h>
#include <strsafe.h>
#include <ntstatus.h>
#include "ntos.h"
NTSTATUS CallDriver(
_In_ HANDLE DeviceHandle,
_In_ ULONG IoControlCode,
hfiref0x / wr0_demo2.c
Created January 29, 2020 14:40
EVGA PrecisionX OC 6.2.7 wormhole driver
#include <windows.h>
#include <cstdio>
// Device type field used when building the WinRing0 control codes below.
#define DEVICE_WR0_TYPE 40000
// Win32 path of the driver's device symbolic link.
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")
// Handle to the driver device. Starts as INVALID_HANDLE_VALUE; presumably assigned when
// the device is opened, which happens outside this excerpt.
HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;
// MSR (model-specific register) read and write requests, function numbers 0x821 and 0x822.
// Both are declared with FILE_ANY_ACCESS, so the I/O manager places no read/write access
// requirement on the handle: keeping unprivileged callers away from MSR writes depends
// entirely on the device object's ACL and on checks inside the driver.
#define IOCTL_WR0_READ_MSR CTL_CODE(DEVICE_WR0_TYPE, 0x821, METHOD_BUFFERED, FILE_ANY_ACCESS)
#define IOCTL_WR0_WRITE_MSR CTL_CODE(DEVICE_WR0_TYPE, 0x822, METHOD_BUFFERED, FILE_ANY_ACCESS)
hfiref0x / wr0_demo1.c
Created January 29, 2020 13:45
EVGA PrecisionX OC 6.2.7 wormhole driver
#include <windows.h>
#include <cstdio>
// Device type field for the WinRing0 control codes; the codes themselves are defined
// further down, outside this excerpt.
#define DEVICE_WR0_TYPE 40000
// Win32 path of the driver's device symbolic link.
#define WR0_DEVICE_LINK TEXT("\\\\.\\WinRing0_1_2_0")
// Handle to the driver device. Starts as INVALID_HANDLE_VALUE; presumably assigned when
// the device is opened, which happens outside this excerpt.
HANDLE g_handleWR0 = INVALID_HANDLE_VALUE;
//
// Port mapped I/O access IOCTLS.