added AMD payload and efi module bundler

4 years ago · f0f34030ca
parent 1610415b07
commit f0f34030ca
25 changed files with 949 additions and 95 deletions
--- a/Bundler.vcxproj
+++ b/Bundler.vcxproj
@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>16.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{ee860038-e3dd-4329-8d44-df8b9ecbe420}</ProjectGuid>
+    <RootNamespace>EfiBundler</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v142</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+      <ControlFlowGuard>false</ControlFlowGuard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+      <Optimization>Disabled</Optimization>
+      <ControlFlowGuard>false</ControlFlowGuard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="bundler.cpp" />
+    <ClCompile Include="main.cpp" />
+    <ClCompile Include="shellcode.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="bundler.h" />
+    <ClInclude Include="shellcode.h" />
+    <ClInclude Include="utils.h" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
--- a/Bundler.vcxproj.filters
+++ b/Bundler.vcxproj.filters
@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="utils.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="shellcode.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="bundler.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="shellcode.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="bundler.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
--- a/Bundler.vcxproj.user
+++ b/Bundler.vcxproj.user
@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LocalDebuggerCommandArguments>C:\Users\xerox\Desktop\bootmgfw.efi C:\Users\xerox\Desktop\voyager.efi</LocalDebuggerCommandArguments>
+    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LocalDebuggerCommandArguments>C:\Users\xerox\Desktop\bootmgfw.efi C:\Users\xerox\Desktop\voyager.efi</LocalDebuggerCommandArguments>
+    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
+  </PropertyGroup>
+</Project>
--- a/Bundler/bundler.cpp
+++ b/Bundler/bundler.cpp
@ -0,0 +1,92 @@
+#include "bundler.h"
+
+namespace bundler
+{
+	std::pair<std::uint32_t, std::uint32_t> add_section(std::vector<std::uint8_t>& image, const char* name, std::size_t size, std::uint32_t protect)
+	{
+		auto align = [](std::uint32_t size, std::uint32_t align, std::uint32_t addr) -> std::uint32_t
+		{
+			if (!(size % align))
+				return addr + size;
+			return addr + (size / align + 1) * align;
+		};
+
+		auto section_header = reinterpret_cast<PIMAGE_SECTION_HEADER>(
+			((UINT64)&NT_HEADER(image.data())->OptionalHeader) +
+				NT_HEADER(image.data())->FileHeader.SizeOfOptionalHeader);
+
+		auto new_section = &section_header[NT_HEADER(image.data())->FileHeader.NumberOfSections];
+		memset(new_section, NULL, sizeof(IMAGE_SECTION_HEADER));
+		memcpy(new_section->Name, name, 8);
+
+		new_section->Characteristics = protect;
+		section_header[NT_HEADER(image.data())->FileHeader.NumberOfSections].Misc.VirtualSize =
+			align(size, NT_HEADER(image.data())->OptionalHeader.SectionAlignment, NULL);
+
+		new_section->VirtualAddress = align(section_header[
+			NT_HEADER(image.data())->FileHeader.NumberOfSections - 1].Misc.VirtualSize,
+				NT_HEADER(image.data())->OptionalHeader.SectionAlignment, section_header[
+					NT_HEADER(image.data())->FileHeader.NumberOfSections - 1].VirtualAddress);
+
+		new_section->SizeOfRawData =
+			align(size, NT_HEADER(image.data())->OptionalHeader.FileAlignment, 0);
+
+		new_section->PointerToRawData =
+			align(section_header[NT_HEADER(image.data())->FileHeader.NumberOfSections - 1].SizeOfRawData,
+				NT_HEADER(image.data())->OptionalHeader.FileAlignment, section_header[NT_HEADER(image.data())->
+					FileHeader.NumberOfSections - 1].PointerToRawData);
+
+		NT_HEADER(image.data())->OptionalHeader.SizeOfImage = section_header[
+			NT_HEADER(image.data())->FileHeader.NumberOfSections].VirtualAddress +
+				section_header[NT_HEADER(image.data())->FileHeader.NumberOfSections].Misc.VirtualSize;
+
+		++NT_HEADER(image.data())->FileHeader.NumberOfSections;
+		auto raw_data_rva = new_section->PointerToRawData;
+		auto virt_data_rva = new_section->VirtualAddress;
+		auto raw_data_size = new_section->SizeOfRawData;
+
+		image.resize(raw_data_rva + raw_data_size);
+		memset(image.data() + raw_data_rva, NULL, raw_data_size);
+		return { raw_data_rva, virt_data_rva };
+	}
+
+	// module_base is .efi section base in this case...
+	std::uint32_t map_module(std::uint8_t* module_base, std::vector<std::uint8_t>& map_from)
+	{
+		// copy nt headers...
+		memcpy(module_base, map_from.data(), NT_HEADER(map_from.data())->OptionalHeader.SizeOfHeaders);
+		auto sections = reinterpret_cast<PIMAGE_SECTION_HEADER>(
+			(UINT8*)&NT_HEADER(map_from.data())->OptionalHeader +
+				NT_HEADER(map_from.data())->FileHeader.SizeOfOptionalHeader);
+
+		// copy sections...
+		for (auto i = 0u; i < NT_HEADER(map_from.data())->FileHeader.NumberOfSections; ++i)
+		{
+			auto section = &sections[i];
+			memcpy(module_base + section->VirtualAddress, map_from.data() + section->PointerToRawData, section->SizeOfRawData);
+		}
+
+		return NT_HEADER(map_from.data())->OptionalHeader.AddressOfEntryPoint;
+	}
+
+	void bundle(std::vector<std::uint8_t>& bundle_into, std::vector<std::uint8_t>& bundle_module)
+	{
+		auto [trp_section_disk, trp_section_virt] = add_section(bundle_into, ".trp", sizeof shellcode::stub, SECTION_RWX);
+		auto [mod_section_disk, mod_section_virt] = add_section(bundle_into, ".efi", bundle_module.size(), SECTION_RWX);
+		bundler::map_module(bundle_into.data() + mod_section_disk, bundle_module);
+
+		std::printf("[+] added .trp section at rva -> 0x%x, size -> 0x%x\n", trp_section_virt, sizeof shellcode::stub);
+		std::printf("[+] added .efi section at rva -> 0x%x, size -> 0x%x\n", mod_section_virt, bundle_module.size());
+
+		// setup stub shellcode...
+		*reinterpret_cast<std::int32_t*>(&shellcode::stub[25]) = mod_section_virt - trp_section_virt;
+		*reinterpret_cast<std::int32_t*>(&shellcode::stub[45]) = trp_section_virt;
+		*reinterpret_cast<std::int32_t*>(&shellcode::stub[75]) = NT_HEADER(bundle_into.data())->OptionalHeader.AddressOfEntryPoint;
+		memcpy(bundle_into.data() + trp_section_disk, shellcode::stub, sizeof shellcode::stub);
+		std::printf("[+] added stub code to .trp section...\n");
+
+		// set entry point to .trp section...
+		NT_HEADER(bundle_into.data())->OptionalHeader.AddressOfEntryPoint = trp_section_virt;
+		std::printf("[+] changed base modules entry point to -> (.trp section base) 0x%x\n", trp_section_virt);
+	}
+}
--- a/Bundler/bundler.h
+++ b/Bundler/bundler.h
@ -0,0 +1,15 @@
+#pragma once
+#include "shellcode.h"
+#define SECTION_RWX ((IMAGE_SCN_MEM_WRITE | \
+	IMAGE_SCN_CNT_CODE | \
+	IMAGE_SCN_CNT_UNINITIALIZED_DATA | \
+	IMAGE_SCN_MEM_EXECUTE | \
+	IMAGE_SCN_CNT_INITIALIZED_DATA | \
+	IMAGE_SCN_MEM_READ))
+
+namespace bundler
+{
+	std::pair<std::uint32_t, std::uint32_t> add_section(std::vector<std::uint8_t>& image, const char* name, std::size_t size, std::uint32_t protect);
+	std::uint32_t map_module(std::uint8_t* module_base, std::vector<std::uint8_t>& map_from);
+	void bundle(std::vector<std::uint8_t>& bundle_into, std::vector<std::uint8_t>& bundle_module);
+}
--- a/Bundler/main.cpp
+++ b/Bundler/main.cpp
@ -0,0 +1,38 @@
+#include "bundler.h"
+
+int __cdecl main(int argc, char** argv)
+{
+	if (argc < 2)
+	{
+		std::printf("[!] invalid amount of parameters\n");
+		return -1;
+	}
+
+	std::vector<std::uint8_t> efi_module;
+	std::vector<std::uint8_t> bootmgfw;
+
+	impl::open_binary_file(argv[1], bootmgfw);
+	impl::open_binary_file(argv[2], efi_module);
+
+	if (efi_module.empty() || bootmgfw.empty())
+	{
+		std::printf("[!] unable to load efi module(s)...\n");
+		return -1;
+	}
+
+	efi_module.resize(NT_HEADER(efi_module.data())->OptionalHeader.SizeOfImage);
+	std::printf("bundling efi module, size -> 0x%x\n",
+		NT_HEADER(efi_module.data())->OptionalHeader.SizeOfImage);
+
+	bootmgfw.resize(NT_HEADER(bootmgfw.data())->OptionalHeader.SizeOfImage);
+	std::printf("bundling module into bootmgfw, size before patch -> 0x%x\n", 
+		NT_HEADER(bootmgfw.data())->OptionalHeader.SizeOfImage);
+
+	bundler::bundle(bootmgfw, efi_module);
+	std::ofstream new_file("result.efi", std::ios::binary);
+	new_file.write((char*)bootmgfw.data(), bootmgfw.size());
+	new_file.close();
+
+	std::printf("bundled modules together....\n");
+	std::getchar();
+}
--- a/Bundler/shellcode.cpp
+++ b/Bundler/shellcode.cpp
@ -0,0 +1,55 @@
+#include "shellcode.h"
+
+namespace shellcode
+{
+	void* entry_stub(void* a, void* b)
+	{
+		// 0xDEADBEEF is replaced at runtime...
+		auto module_base = reinterpret_cast<std::uintptr_t>(&entry_stub) + 0xDEADBEEF;
+		auto bootmgfw_base = reinterpret_cast<std::uintptr_t>(&entry_stub) - 0xDEADBEEF;
+		NT_HEADER(bootmgfw_base)->OptionalHeader.AddressOfEntryPoint = 0xDEADBEEF;
+
+		// fix relocs of the module in .efi section...
+		auto base_reloc_dir = &NT_HEADER(module_base)->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC];
+		if (base_reloc_dir->VirtualAddress)
+		{
+			auto reloc = reinterpret_cast<PIMAGE_BASE_RELOCATION>(module_base + base_reloc_dir->VirtualAddress);
+			for (auto current_size = 0u; current_size < base_reloc_dir->Size; )
+			{
+				auto reloc_count = (reloc->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / sizeof(UINT16);
+				auto reloc_data = reinterpret_cast<std::uint16_t*>((UINT8*)reloc + sizeof(IMAGE_BASE_RELOCATION));
+				auto reloc_base = reinterpret_cast<std::uint8_t*>(module_base) + reloc->VirtualAddress;
+
+				for (auto i = 0u; i < reloc_count; ++i, ++reloc_data)
+				{
+					std::uint16_t data = *reloc_data;
+					std::uint16_t type = data >> 12;
+					std::uint16_t offset = data & 0xFFF;
+
+					switch (type)
+					{
+					case IMAGE_REL_BASED_DIR64:
+					{
+						auto rva = reinterpret_cast<std::uintptr_t*>(reloc_base + offset);
+						*rva = module_base + (*rva - NT_HEADER(module_base)->OptionalHeader.ImageBase);
+						break;
+					}
+					default:
+						break;
+					}
+				}
+
+				current_size += reloc->SizeOfBlock;
+				reloc = reinterpret_cast<PIMAGE_BASE_RELOCATION>(reloc_data);
+			}
+		}
+
+		// call our entry...
+		reinterpret_cast<void(__fastcall*)(void*, void*)>(
+			module_base + NT_HEADER(module_base)->OptionalHeader.AddressOfEntryPoint)(a, b);
+
+		// call the original entry...
+		return reinterpret_cast<void* (__fastcall*)(void*, void*)>(
+			bootmgfw_base + NT_HEADER(bootmgfw_base)->OptionalHeader.AddressOfEntryPoint)(a, b);
+	}
+}
--- a/Bundler/shellcode.h
+++ b/Bundler/shellcode.h
@ -0,0 +1,76 @@
+#pragma once
+#include <cstdint>
+#include <cstddef>
+#include "utils.h"
+
+namespace shellcode
+{
+	void* entry_stub(void* a, void* b);
+	// void* entry_stub(void* a, void* b)
+	// + 75, Real entry point RVA
+	// + 25, RVA to bundled module base... (gunna be a section base address)
+	// + 45, RVA to bootmgfw base address... (number is positive, assembly subtracts this number)
+	inline char stub[] =
+	{ 
+		  0x48, 0x89, 0x54, 0x24, 0x10, 0x48, 0x89, 0x4C, 0x24, 0x08,
+		  0x48, 0x81, 0xEC, 0x98, 0x00, 0x00, 0x00, 0x48, 0x8D, 0x05,
+		  0xE8, 0xFF, 0xFF, 0xFF, 0xB9, 0xEF, 0xBE, 0xAD, 0xDE, 0x48,
+		  0x03, 0xC1, 0x48, 0x89, 0x44, 0x24, 0x28, 0x48, 0x8D, 0x05,
+		  0xD4, 0xFF, 0xFF, 0xFF, 0xB9, 0xEF, 0xBE, 0xAD, 0xDE, 0x48,
+		  0x2B, 0xC1, 0x48, 0x89, 0x44, 0x24, 0x48, 0x48, 0x8B, 0x44,
+		  0x24, 0x48, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B, 0x4C, 0x24,
+		  0x48, 0xC7, 0x44, 0x01, 0x28, 0xEF, 0xBE, 0xAD, 0xDE, 0x48,
+		  0x8B, 0x44, 0x24, 0x28, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B,
+		  0x4C, 0x24, 0x28, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0xB9,
+		  0x08, 0x00, 0x00, 0x00, 0x48, 0x6B, 0xC9, 0x05, 0x48, 0x8D,
+		  0x84, 0x08, 0x88, 0x00, 0x00, 0x00, 0x48, 0x89, 0x44, 0x24,
+		  0x60, 0x48, 0x8B, 0x44, 0x24, 0x60, 0x83, 0x38, 0x00, 0x0F,
+		  0x84, 0x4E, 0x01, 0x00, 0x00, 0x48, 0x8B, 0x44, 0x24, 0x60,
+		  0x8B, 0x00, 0x48, 0x8B, 0x4C, 0x24, 0x28, 0x48, 0x03, 0xC8,
+		  0x48, 0x8B, 0xC1, 0x48, 0x89, 0x44, 0x24, 0x40, 0xC7, 0x44,
+		  0x24, 0x3C, 0x00, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x44, 0x24,
+		  0x60, 0x8B, 0x40, 0x04, 0x39, 0x44, 0x24, 0x3C, 0x0F, 0x83,
+		  0x1D, 0x01, 0x00, 0x00, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x8B,
+		  0x40, 0x04, 0x48, 0x83, 0xE8, 0x08, 0x33, 0xD2, 0xB9, 0x02,
+		  0x00, 0x00, 0x00, 0x48, 0xF7, 0xF1, 0x48, 0x89, 0x44, 0x24,
+		  0x70, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x48, 0x83, 0xC0, 0x08,
+		  0x48, 0x89, 0x44, 0x24, 0x50, 0x48, 0x8B, 0x44, 0x24, 0x40,
+		  0x8B, 0x00, 0x48, 0x8B, 0x4C, 0x24, 0x28, 0x48, 0x03, 0xC8,
+		  0x48, 0x8B, 0xC1, 0x48, 0x89, 0x44, 0x24, 0x78, 0xC7, 0x44,
+		  0x24, 0x38, 0x00, 0x00, 0x00, 0x00, 0xEB, 0x18, 0x8B, 0x44,
+		  0x24, 0x38, 0xFF, 0xC0, 0x89, 0x44, 0x24, 0x38, 0x48, 0x8B,
+		  0x44, 0x24, 0x50, 0x48, 0x83, 0xC0, 0x02, 0x48, 0x89, 0x44,
+		  0x24, 0x50, 0x8B, 0x44, 0x24, 0x38, 0x48, 0x3B, 0x44, 0x24,
+		  0x70, 0x0F, 0x83, 0x89, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x44,
+		  0x24, 0x50, 0x0F, 0xB7, 0x00, 0x66, 0x89, 0x44, 0x24, 0x20,
+		  0x0F, 0xB7, 0x44, 0x24, 0x20, 0xC1, 0xF8, 0x0C, 0x66, 0x89,
+		  0x44, 0x24, 0x30, 0x0F, 0xB7, 0x44, 0x24, 0x20, 0x25, 0xFF,
+		  0x0F, 0x00, 0x00, 0x66, 0x89, 0x44, 0x24, 0x34, 0x0F, 0xB7,
+		  0x44, 0x24, 0x30, 0x89, 0x44, 0x24, 0x58, 0x83, 0x7C, 0x24,
+		  0x58, 0x0A, 0x74, 0x02, 0xEB, 0x49, 0x0F, 0xB7, 0x44, 0x24,
+		  0x34, 0x48, 0x8B, 0x4C, 0x24, 0x78, 0x48, 0x03, 0xC8, 0x48,
+		  0x8B, 0xC1, 0x48, 0x89, 0x44, 0x24, 0x68, 0x48, 0x8B, 0x44,
+		  0x24, 0x28, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B, 0x4C, 0x24,
+		  0x68, 0x48, 0x8B, 0x54, 0x24, 0x28, 0x48, 0x8B, 0x44, 0x02,
+		  0x30, 0x48, 0x8B, 0x09, 0x48, 0x2B, 0xC8, 0x48, 0x8B, 0xC1,
+		  0x48, 0x8B, 0x4C, 0x24, 0x28, 0x48, 0x03, 0xC8, 0x48, 0x8B,
+		  0xC1, 0x48, 0x8B, 0x4C, 0x24, 0x68, 0x48, 0x89, 0x01, 0xE9,
+		  0x50, 0xFF, 0xFF, 0xFF, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x8B,
+		  0x40, 0x04, 0x8B, 0x4C, 0x24, 0x3C, 0x03, 0xC8, 0x8B, 0xC1,
+		  0x89, 0x44, 0x24, 0x3C, 0x48, 0x8B, 0x44, 0x24, 0x50, 0x48,
+		  0x89, 0x44, 0x24, 0x40, 0xE9, 0xD1, 0xFE, 0xFF, 0xFF, 0x48,
+		  0x8B, 0x44, 0x24, 0x28, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B,
+		  0x4C, 0x24, 0x28, 0x8B, 0x44, 0x01, 0x28, 0x48, 0x8B, 0x4C,
+		  0x24, 0x28, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89,
+		  0x84, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x94, 0x24,
+		  0xA8, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x8C, 0x24, 0xA0, 0x00,
+		  0x00, 0x00, 0xFF, 0x94, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48,
+		  0x8B, 0x44, 0x24, 0x48, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B,
+		  0x4C, 0x24, 0x48, 0x8B, 0x44, 0x01, 0x28, 0x48, 0x8B, 0x4C,
+		  0x24, 0x48, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89,
+		  0x84, 0x24, 0x88, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x94, 0x24,
+		  0xA8, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x8C, 0x24, 0xA0, 0x00,
+		  0x00, 0x00, 0xFF, 0x94, 0x24, 0x88, 0x00, 0x00, 0x00, 0x48,
+		  0x81, 0xC4, 0x98, 0x00, 0x00, 0x00, 0xC3 
+	};
+}
--- a/Bundler/utils.h
+++ b/Bundler/utils.h
@ -0,0 +1,84 @@
+#pragma once
+#include <windows.h>
+#include <psapi.h>
+#include <tlhelp32.h>
+#include <filesystem>
+#include <string_view>
+#include <iterator>
+#include <fstream>
+#include <string>
+#include <map>
+#include <vector>
+#include <ntstatus.h>
+#include <winternl.h>
+#include <array>
+#include <algorithm>
+#include <string_view>
+
+#define NT_HEADER(x) reinterpret_cast<PIMAGE_NT_HEADERS>( uint64_t(x) + reinterpret_cast<PIMAGE_DOS_HEADER>(x)->e_lfanew )
+namespace impl
+{
+	using uq_handle = std::unique_ptr<void, decltype(&CloseHandle)>;
+
+	__forceinline uint32_t get_process_id(const std::wstring_view process_name)
+	{
+		// open a system snapshot of all loaded processes
+		uq_handle snap_shot{ CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0), &CloseHandle };
+
+		if (snap_shot.get() == INVALID_HANDLE_VALUE)
+		{
+			return 0;
+		}
+
+		PROCESSENTRY32W process_entry{ sizeof(PROCESSENTRY32W) };
+
+		// enumerate through processes
+		for (Process32FirstW(snap_shot.get(), &process_entry); Process32NextW(snap_shot.get(), &process_entry); )
+			if (std::wcscmp(process_name.data(), process_entry.szExeFile) == 0)
+				return process_entry.th32ProcessID;
+
+		return 0;
+	}
+
+	__forceinline void open_binary_file(const std::string& file, std::vector<uint8_t>& data)
+	{
+		std::ifstream fstr(file, std::ios::binary);
+		fstr.unsetf(std::ios::skipws);
+		fstr.seekg(0, std::ios::end);
+
+		const auto file_size = fstr.tellg();
+
+		fstr.seekg(NULL, std::ios::beg);
+		data.reserve(static_cast<uint32_t>(file_size));
+		data.insert(data.begin(), std::istream_iterator<uint8_t>(fstr), std::istream_iterator<uint8_t>());
+	}
+
+	__forceinline bool enable_privilege(const std::wstring_view privilege_name)
+	{
+		HANDLE token_handle = nullptr;
+		if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &token_handle))
+		{;
+			return false;
+		}
+
+		LUID luid{};
+		if (!LookupPrivilegeValueW(nullptr, privilege_name.data(), &luid))
+		{
+			return false;
+		}
+
+		TOKEN_PRIVILEGES token_state{};
+		token_state.PrivilegeCount = 1;
+		token_state.Privileges[0].Luid = luid;
+		token_state.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+		if (!AdjustTokenPrivileges(token_handle, FALSE, &token_state, sizeof(TOKEN_PRIVILEGES), nullptr, nullptr))
+		{
+			return false;
+		}
+
+		CloseHandle(token_handle);
+
+		return true;
+	}
+}
--- a/(AMD).vcxproj
+++ b/(AMD).vcxproj
@ -0,0 +1,158 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|ARM">
+      <Configuration>Debug</Configuration>
+      <Platform>ARM</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|ARM">
+      <Configuration>Release</Configuration>
+      <Platform>ARM</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|ARM64">
+      <Configuration>Debug</Configuration>
+      <Platform>ARM64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|ARM64">
+      <Configuration>Release</Configuration>
+      <Platform>ARM64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}</ProjectGuid>
+    <TemplateGuid>{1bc93793-694f-48fe-9372-81e2b05556fd}</TemplateGuid>
+    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
+    <Configuration>Debug</Configuration>
+    <Platform Condition="'$(Platform)' == ''">Win32</Platform>
+    <RootNamespace>PayLoad__AMD_</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
+    <TargetVersion>Windows10</TargetVersion>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
+    <ConfigurationType>Driver</ConfigurationType>
+    <DriverType>KMDF</DriverType>
+    <DriverTargetPlatform>Universal</DriverTargetPlatform>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">
+    <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
+  </PropertyGroup>
+  <ItemGroup>
+    <Inf Include="PayLoad(AMD).inf" />
+  </ItemGroup>
+  <ItemGroup>
+    <FilesToPackage Include="$(TargetPath)" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="types.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
--- a/(AMD).vcxproj.filters
+++ b/(AMD).vcxproj.filters
@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Driver Files">
+      <UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
+      <Extensions>inf;inv;inx;mof;mc;</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <Inf Include="PayLoad(AMD).inf">
+      <Filter>Driver Files</Filter>
+    </Inf>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="types.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
--- a/(AMD)/PayLoad(AMD).inf
+++ b/(AMD)/PayLoad(AMD).inf
@ -0,0 +1,87 @@
+;
+; PayLoad(AMD).inf
+;
+
+[Version]
+Signature="$WINDOWS NT$"
+Class=Sample ; TODO: edit Class
+ClassGuid={78A1C341-4539-11d3-B88D-00C04FAD5171} ; TODO: edit ClassGuid
+Provider=%ManufacturerName%
+CatalogFile=PayLoad(AMD).cat
+DriverVer= ; TODO: set DriverVer in stampinf property pages
+PnpLockDown=1
+
+[DestinationDirs]
+DefaultDestDir = 12
+PayLoad(AMD)_Device_CoInstaller_CopyFiles = 11
+
+; ================= Class section =====================
+
+[ClassInstall32]
+Addreg=SampleClassReg
+
+[SampleClassReg]
+HKR,,,0,%ClassName%
+HKR,,Icon,,-5
+
+[SourceDisksNames]
+1 = %DiskName%,,,""
+
+[SourceDisksFiles]
+PayLoad(AMD).sys  = 1,,
+WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll=1 ; make sure the number matches with SourceDisksNames
+
+;*****************************************
+; Install Section
+;*****************************************
+
+[Manufacturer]
+%ManufacturerName%=Standard,NT$ARCH$
+
+[Standard.NT$ARCH$]
+%PayLoad(AMD).DeviceDesc%=PayLoad(AMD)_Device, Root\PayLoad(AMD) ; TODO: edit hw-id
+
+[PayLoad(AMD)_Device.NT]
+CopyFiles=Drivers_Dir
+
+[Drivers_Dir]
+PayLoad(AMD).sys
+
+;-------------- Service installation
+[PayLoad(AMD)_Device.NT.Services]
+AddService = PayLoad(AMD),%SPSVCINST_ASSOCSERVICE%, PayLoad(AMD)_Service_Inst
+
+; -------------- PayLoad(AMD) driver install sections
+[PayLoad(AMD)_Service_Inst]
+DisplayName    = %PayLoad(AMD).SVCDESC%
+ServiceType    = 1               ; SERVICE_KERNEL_DRIVER
+StartType      = 3               ; SERVICE_DEMAND_START
+ErrorControl   = 1               ; SERVICE_ERROR_NORMAL
+ServiceBinary  = %12%\PayLoad(AMD).sys
+
+;
+;--- PayLoad(AMD)_Device Coinstaller installation ------
+;
+
+[PayLoad(AMD)_Device.NT.CoInstallers]
+AddReg=PayLoad(AMD)_Device_CoInstaller_AddReg
+CopyFiles=PayLoad(AMD)_Device_CoInstaller_CopyFiles
+
+[PayLoad(AMD)_Device_CoInstaller_AddReg]
+HKR,,CoInstallers32,0x00010000, "WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll,WdfCoInstaller"
+
+[PayLoad(AMD)_Device_CoInstaller_CopyFiles]
+WdfCoInstaller$KMDFCOINSTALLERVERSION$.dll
+
+[PayLoad(AMD)_Device.NT.Wdf]
+KmdfService =  PayLoad(AMD), PayLoad(AMD)_wdfsect
+[PayLoad(AMD)_wdfsect]
+KmdfLibraryVersion = $KMDFVERSION$
+
+[Strings]
+SPSVCINST_ASSOCSERVICE= 0x00000002
+ManufacturerName="<Your manufacturer name>" ;TODO: Replace with your manufacturer name
+ClassName="Samples" ; TODO: edit ClassName
+DiskName = "PayLoad(AMD) Installation Disk"
+PayLoad(AMD).DeviceDesc = "PayLoad(AMD) Device"
+PayLoad(AMD).SVCDESC = "PayLoad(AMD) Service"
--- a/(AMD)/main.cpp
+++ b/(AMD)/main.cpp
--- a/(AMD)/types.h
+++ b/(AMD)/types.h
@ -0,0 +1 @@
+#pragma once
--- a/(Intel)/vmexit_handler.cpp
+++ b/(Intel)/vmexit_handler.cpp
@ -20,7 +20,6 @@ void vmexit_handler(pcontext_t context, void* unknown)
 	{
 		if (guest_registers->rcx == VMEXIT_KEY)
 		{
-			DBG_PRINT("got cpuid call...\n");
 			guest_registers->rax = 0xC0FFEE;

 			// advance rip, no one better execute cpuid instruction
--- a/(1703-1511)/BootMgfw.c
+++ b/(1703-1511)/BootMgfw.c
@ -1,7 +1,7 @@
 #include "BootMgfw.h"

 SHITHOOK BootMgfwShitHook;
-EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
+EFI_STATUS EFIAPI GetBootMgfwPath(EFI_DEVICE_PATH_PROTOCOL** BootMgfwPathProtocol)
 {
 	UINTN HandleCount = NULL;
 	EFI_STATUS Result;
@ -14,8 +14,8 @@ EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
 	// get all the handles to file systems...
 	if (EFI_ERROR((Result = gBS->LocateHandleBuffer(ByProtocol, &gEfiSimpleFileSystemProtocolGuid, NULL, &HandleCount, &Handles))))
 	{
-		Print(L"error getting file system handles -> 0x%p\n", Result);
-		return DevicePath;
+		DBG_PRINT("error getting file system handles -> 0x%p\n", Result);
+		return Result;
 	}

 	// for each handle to the file system, open a protocol with it...
@ -23,44 +23,47 @@ EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
 	{
 		if (EFI_ERROR((Result = gBS->OpenProtocol(Handles[Idx], &gEfiSimpleFileSystemProtocolGuid, (VOID**)&FileSystem, gImageHandle, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL))))
 		{
-			Print(L"error opening protocol -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error opening protocol -> 0x%p\n", Result);
+			return Result;
 		}

 		if (EFI_ERROR((Result = FileSystem->OpenVolume(FileSystem, &VolumeHandle))))
 		{
-			Print(L"error opening file system -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error opening file system -> 0x%p\n", Result);
+			return Result;
 		}

 		// if we found the correct file (\\efi\\microsoft\\boot\\bootmgfw.efi)
 		if (!EFI_ERROR(VolumeHandle->Open(VolumeHandle, &BootMgfwHandle, WINDOWS_BOOTMGR_PATH, EFI_FILE_MODE_READ, EFI_FILE_READ_ONLY)))
-			DevicePath = FileDevicePath(Handles[Idx], WINDOWS_BOOTMGR_PATH);
+		{
+			VolumeHandle->Close(BootMgfwHandle);
+			*BootMgfwPathProtocol = FileDevicePath(Handles[Idx], WINDOWS_BOOTMGR_PATH);
+			return EFI_SUCCESS;
+		}

-		VolumeHandle->Close(BootMgfwHandle);
 		if (EFI_ERROR((Result = gBS->CloseProtocol(Handles[Idx], &gEfiSimpleFileSystemProtocolGuid, gImageHandle, NULL))))
 		{
-			Print(L"error closing protocol -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error closing protocol -> 0x%p\n", Result);
+			return Result;
 		}
 	}
-	return DevicePath;
+	return EFI_ABORTED;
 }

-EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath)
+EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
 {
 	EFI_STATUS Result = EFI_SUCCESS;
 	EFI_LOADED_IMAGE* BootMgfw = NULL;

-	if (EFI_ERROR((Result = gBS->HandleProtocol(BootMgfwPath, &gEfiLoadedImageProtocolGuid, (VOID**)&BootMgfw))))
+	if (EFI_ERROR(Result = gBS->HandleProtocol(ImageHandle, &gEfiLoadedImageProtocolGuid, (VOID**)&BootMgfw)))
 		return Result;

-	Print(L"Image Base -> 0x%p\n", BootMgfw->ImageBase);
-	Print(L"Image Size -> 0x%x\n", BootMgfw->ImageSize);
+	DBG_PRINT("Module base -> 0x%p\n", BootMgfw->ImageBase);
+	DBG_PRINT("Module size -> 0x%x\n", BootMgfw->ImageSize);

 	VOID* ArchStartBootApplication = 
 		FindPattern(
-			BootMgfw->ImageBase, 
+			BootMgfw->ImageBase,
 			BootMgfw->ImageSize,
 			START_BOOT_APPLICATION_SIG, 
 			START_BOOT_APPLICATION_MASK
@ -69,9 +72,9 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath)
 	if (!ArchStartBootApplication)
 		return EFI_ABORTED;

-	Print(L"ArchStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
+	DBG_PRINT("ArchStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
 	MakeShitHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE);
-	return Result;
+	return EFI_SUCCESS;
 }

 EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs)
--- a/(1703-1511)/BootMgfw.h
+++ b/(1703-1511)/BootMgfw.h
@ -10,6 +10,7 @@
 #include <Protocol/SimpleFileSystem.h>
 #include <Protocol/LoadedImage.h>
 #include <IndustryStandard/PeImage.h>
+#include <Library/ShellLib.h>
 #include <Guid/GlobalVariable.h>
 #include "WinLoad.h"

@ -20,6 +21,6 @@ static_assert(sizeof(START_BOOT_APPLICATION_SIG) == sizeof(START_BOOT_APPLICATIO
 #define WINDOWS_BOOTMGR_PATH L"\\efi\\microsoft\\boot\\bootmgfw.efi"
 extern SHITHOOK BootMgfwShitHook;
 typedef EFI_STATUS(EFIAPI* IMG_ARCH_START_BOOT_APPLICATION)(VOID*, VOID*, UINT32, UINT8, VOID*);
-EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID);
-EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath);
+EFI_STATUS EFIAPI GetBootMgfwPath(EFI_DEVICE_PATH_PROTOCOL** BootMgfwPathProtocol);
+EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle);
 EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs);
--- a/(1703-1511)/HvLoader.c
+++ b/(1703-1511)/HvLoader.c
@ -5,7 +5,6 @@ SHITHOOK HvLoadImageBufferHook;
 SHITHOOK HvLoadAllocImageHook;
 BOOLEAN ExtendedAllocation = FALSE;
 BOOLEAN HookedHyperV = FALSE;
-CHAR8 ModulePathCString[0x100];

 EFI_STATUS EFIAPI HvBlImgLoadPEImageFromSourceBuffer(VOID* a1, VOID* a2, VOID* a3, VOID* a4, UINT64* ImageBase,
 	UINT32* ImageSize, VOID* a7, VOID* a8, VOID* a9, VOID* a10, VOID* a11, VOID* a12, VOID* a13, VOID* a14, VOID* a15)
@ -72,10 +71,6 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageFromSourceBuffer(VOID* a1, VOID* a2, VOID* a
 EFI_STATUS EFIAPI HvBlImgLoadPEImageEx(VOID* DeviceId, VOID* MemoryType, CHAR16* Path, UINT64* ImageBase, UINT32* ImageSize,
 	VOID* Hash, VOID* Flags, VOID* a8, VOID* a9, VOID* a10, VOID* a11, VOID* a12, VOID* a13)
 {
-	UnicodeStrToAsciiStr(Path, ModulePathCString);
-	DBG_PRINT("LOADING FROM HVLOADER: ");
-	DBG_PRINT(ModulePathCString);
-
 	DisableShitHook(&HvLoadImageHook);
 	EFI_STATUS Result = ((HV_LDR_LOAD_IMAGE)HvLoadImageHook.Address)(DeviceId, MemoryType, Path, ImageBase, ImageSize, Hash, Flags, a8,
 		a9, a10, a11, a12, a13);
--- a/(1703-1511)/Hvix64.c
+++ b/(1703-1511)/Hvix64.c
@ -33,7 +33,7 @@ VOID* MapModule(PVOYAGER_DATA_T VoyagerData, UINT8* ImageBase)
 		if (AsciiStrStr(VoyagerData->ModuleBase + Name[i], "voyager_context"))
 		{
 			*(VOYAGER_DATA_T*)(VoyagerData->ModuleBase + Address[Ordinal[i]]) = *VoyagerData;
-			break; // DO NOT REMOVE? :|
+			break;
 		}
 	}

@ -110,12 +110,6 @@ VOID MakeVoyagerData
 	UINT64 VmExitHandlerCallRip = (UINT64)VmExitHandlerCall + 5; // + 5 bytes because "call vmexit_c_handler" is 5 bytes
 	UINT64 VmExitFunction = VmExitHandlerCallRip + *(INT32*)((UINT64)(VmExitHandlerCall + 1)); // + 1 to skip E8 (call) and read 4 bytes (RVA)
 	VoyagerData->VmExitHandlerRva = ((UINT64)PayLoadEntry(PayLoadBase)) - (UINT64)VmExitFunction;
-
-	DBG_PRINT("VmExitHandler -> 0x%p\n", VmExitHandler);
-	DBG_PRINT("VmExitHandlerRva -> 0x%x\n", VoyagerData->VmExitHandlerRva);
-	DBG_PRINT("VmExitFunction -> 0x%p\n", VmExitFunction);
-	DBG_PRINT("VmExitHandlerCallRip -> 0x%p\n", VmExitHandlerCallRip);
-	DBG_PRINT("VmExitHandlerCall -> 0x%p\n", VmExitHandlerCall);
 }

 VOID* HookVmExit(VOID* HypervBase, VOID* HypervSize, VOID* VmExitHook)
@ -140,6 +134,5 @@ VOID* HookVmExit(VOID* HypervBase, VOID* HypervSize, VOID* VmExitHook)
 	UINT64 VmExitFunction = VmExitHandlerCallRip + *(INT32*)((UINT64)(VmExitHandlerCall + 1)); // + 1 to skip E8 (call) and read 4 bytes (RVA)
 	INT32 NewVmExitRVA = ((INT64)VmExitHook) - VmExitHandlerCallRip;
 	*(INT32*)((UINT64)(VmExitHandlerCall + 1)) = NewVmExitRVA;
-	DBG_PRINT("NewVmExitRVA -> 0x%x\n", NewVmExitRVA);
 	return VmExitFunction;
 }
--- a/(1703-1511)/UefiMain.c
+++ b/(1703-1511)/UefiMain.c
@ -1,15 +1,12 @@
 #include "BootMgfw.h"

-CHAR8* gEfiCallerBaseName = "Voyager 1";
+CHAR8* gEfiCallerBaseName = "Voyager";
 const UINT32 _gUefiDriverRevision = 0x200;

 EFI_STATUS EFIAPI UefiUnload(
    IN EFI_HANDLE ImageHandle
 )
-{ 
-    Print(L"unloading module from memory...\n");
-    return EFI_SUCCESS; 
-}
+{ return EFI_SUCCESS; }

 EFI_STATUS EFIAPI UefiMain
 (
@ -17,38 +14,29 @@ EFI_STATUS EFIAPI UefiMain
    IN EFI_SYSTEM_TABLE* SystemTable
 )
 {
-    // get the file path to bootmgfw.efi so we can load it...
-    EFI_DEVICE_PATH* BootMgfwPath = GetBootMgfwPath();
-    Print(L"BootMgfwPath -> %p\n", BootMgfwPath);
+    EFI_STATUS Result;
+    EFI_HANDLE BootMgfwHandle;
+    EFI_DEVICE_PATH* BootMgfwPath;

-    if (!BootMgfwPath)
+    if (EFI_ERROR((Result = GetBootMgfwPath(&BootMgfwPath))))
    {
-        Print(L"unable to get bootmgfw file path....\n");
+        Print(L"unable to get bootmgfw file path... reason -> %r\n", Result);
        return EFI_NOT_FOUND;
    }

-    EFI_STATUS Result;
-    EFI_HANDLE BootMgfwHandle;
-
-    // load bootmgfw.efi into memory...
    if (EFI_ERROR((Result = gBS->LoadImage(TRUE, ImageHandle, BootMgfwPath, NULL, 0, &BootMgfwHandle))))
    {
-        Print(L"failed to load bootmgfw.efi...\n");
+        Print(L"failed to load bootmgfw.efi... reason -> %r\n", Result);
        return EFI_ABORTED;
    }

-    Print(L"Loaded bootmgfw.efi into memory...\n");
-
-    if (EFI_ERROR(InstallBootMgfwHooks(BootMgfwHandle)))
+    if (EFI_ERROR((Result = InstallBootMgfwHooks(BootMgfwHandle))))
    {
-        Print(L"Failed to install bootmgfw hooks...\n");
+        Print(L"Failed to install bootmgfw hooks... reason -> %r\n", Result);
        return EFI_ABORTED;
    }

-    Print(L"installed bootmgfw hooks...\n");
-
-    // start bootmgfw.efi...
-    if (EFI_ERROR(gBS->StartImage(BootMgfwHandle, NULL, NULL)))
+    if (EFI_ERROR((Result = gBS->StartImage(BootMgfwHandle, NULL, NULL))))
    {
        Print(L"Failed to start bootmgfw.efi...\n");
        return EFI_ABORTED;
--- a/(2004-1709)/BootMgfw.c
+++ b/(2004-1709)/BootMgfw.c
@ -1,7 +1,7 @@
 #include "BootMgfw.h"

 SHITHOOK BootMgfwShitHook;
-EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
+EFI_STATUS EFIAPI GetBootMgfwPath(EFI_DEVICE_PATH_PROTOCOL** BootMgfwPathProtocol)
 {
 	UINTN HandleCount = NULL;
 	EFI_STATUS Result;
@ -14,8 +14,8 @@ EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
 	// get all the handles to file systems...
 	if (EFI_ERROR((Result = gBS->LocateHandleBuffer(ByProtocol, &gEfiSimpleFileSystemProtocolGuid, NULL, &HandleCount, &Handles))))
 	{
-		Print(L"error getting file system handles -> 0x%p\n", Result);
-		return DevicePath;
+		DBG_PRINT("error getting file system handles -> 0x%p\n", Result);
+		return Result;
 	}

 	// for each handle to the file system, open a protocol with it...
@ -23,28 +23,31 @@ EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID)
 	{
 		if (EFI_ERROR((Result = gBS->OpenProtocol(Handles[Idx], &gEfiSimpleFileSystemProtocolGuid, (VOID**)&FileSystem, gImageHandle, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL))))
 		{
-			Print(L"error opening protocol -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error opening protocol -> 0x%p\n", Result);
+			return Result;
 		}

 		if (EFI_ERROR((Result = FileSystem->OpenVolume(FileSystem, &VolumeHandle))))
 		{
-			Print(L"error opening file system -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error opening file system -> 0x%p\n", Result);
+			return Result;
 		}

 		// if we found the correct file (\\efi\\microsoft\\boot\\bootmgfw.efi)
 		if (!EFI_ERROR(VolumeHandle->Open(VolumeHandle, &BootMgfwHandle, WINDOWS_BOOTMGR_PATH, EFI_FILE_MODE_READ, EFI_FILE_READ_ONLY)))
-			DevicePath = FileDevicePath(Handles[Idx], WINDOWS_BOOTMGR_PATH);
+		{
+			VolumeHandle->Close(BootMgfwHandle);
+			*BootMgfwPathProtocol = FileDevicePath(Handles[Idx], WINDOWS_BOOTMGR_PATH);
+			return EFI_SUCCESS;
+		}

-		VolumeHandle->Close(BootMgfwHandle);
 		if (EFI_ERROR((Result = gBS->CloseProtocol(Handles[Idx], &gEfiSimpleFileSystemProtocolGuid, gImageHandle, NULL))))
 		{
-			Print(L"error closing protocol -> 0x%p\n", Result);
-			return DevicePath;
+			DBG_PRINT("error closing protocol -> 0x%p\n", Result);
+			return Result;
 		}
 	}
-	return DevicePath;
+	return EFI_ABORTED;
 }

 EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath)
@ -57,7 +60,6 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath)

 	Print(L"Image Base -> 0x%p\n", BootMgfw->ImageBase);
 	Print(L"Image Size -> 0x%x\n", BootMgfw->ImageSize);
-
 	VOID* ArchStartBootApplication = 
 		FindPattern(
 			BootMgfw->ImageBase, 
@ -69,7 +71,7 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath)
 	if (!ArchStartBootApplication)
 		return EFI_ABORTED;

-	Print(L"ArchStartBootApplication -> 0x%p\n", ArchStartBootApplication);
+	DBG_PRINT(L"ArchStartBootApplication -> 0x%p\n", ArchStartBootApplication);
 	MakeShitHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE);
 	return Result;
 }
--- a/(2004-1709)/BootMgfw.h
+++ b/(2004-1709)/BootMgfw.h
@ -28,6 +28,6 @@ static_assert(sizeof(START_BOOT_APPLICATION_SIG) == sizeof(START_BOOT_APPLICATIO
 #define WINDOWS_BOOTMGR_PATH L"\\efi\\microsoft\\boot\\bootmgfw.efi"
 extern SHITHOOK BootMgfwShitHook;
 typedef EFI_STATUS(EFIAPI* IMG_ARCH_START_BOOT_APPLICATION)(VOID*, VOID*, UINT32, UINT8, VOID*);
-EFI_DEVICE_PATH* EFIAPI GetBootMgfwPath(VOID);
+EFI_STATUS EFIAPI GetBootMgfwPath(EFI_DEVICE_PATH_PROTOCOL** BootMgfwPathProtocol);
 EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath);
 EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs);
--- a/(2004-1709)/Hvix64.h
+++ b/(2004-1709)/Hvix64.h
@ -22,7 +22,6 @@
 #elif WINVER == 1703
 #define VMEXIT_HANDLER_SIG "\xD0\x80\x3D\x74\xCC\x47\x00\x00\x0F\x84\x00\x00\x00\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
 #define VMEXIT_HANDLER_MASK "xxxxxx??xx????xxxx?x????x"
-#elif WINVER == 1607
 #endif

 static_assert(sizeof(VMEXIT_HANDLER_SIG) == sizeof(VMEXIT_HANDLER_MASK), "signature does not match mask size!");
--- a/(2004-1709)/UefiMain.c
+++ b/(2004-1709)/UefiMain.c
@ -1,15 +1,13 @@
 #include "BootMgfw.h"
+#include <Library/ShellLib.h>

-CHAR8* gEfiCallerBaseName = "Voyager 1";
+CHAR8* gEfiCallerBaseName = "Voyager";
 const UINT32 _gUefiDriverRevision = 0x200;

 EFI_STATUS EFIAPI UefiUnload(
    IN EFI_HANDLE ImageHandle
 )
-{ 
-    Print(L"unloading module from memory...\n");
-    return EFI_SUCCESS; 
-}
+{ return EFI_SUCCESS; }

 EFI_STATUS EFIAPI UefiMain
 (
@ -17,37 +15,28 @@ EFI_STATUS EFIAPI UefiMain
    IN EFI_SYSTEM_TABLE* SystemTable
 )
 {
-    // get the file path to bootmgfw.efi so we can load it...
-    EFI_DEVICE_PATH* BootMgfwPath = GetBootMgfwPath();
-    Print(L"BootMgfwPath -> %p\n", BootMgfwPath);
+    EFI_STATUS Result;
+    EFI_HANDLE BootMgfwHandle;
+    EFI_DEVICE_PATH* BootMgfwPath;

-    if (!BootMgfwPath)
+    if (EFI_ERROR((Result = GetBootMgfwPath(&BootMgfwPath))))
    {
-        Print(L"unable to get bootmgfw file path....\n");
+        Print(L"unable to get bootmgfw file path... reason -> %r\n", Result);
        return EFI_NOT_FOUND;
    }

-    EFI_STATUS Result;
-    EFI_HANDLE BootMgfwHandle;
-
-    // load bootmgfw.efi into memory...
    if (EFI_ERROR((Result = gBS->LoadImage(TRUE, ImageHandle, BootMgfwPath, NULL, 0, &BootMgfwHandle))))
    {
        Print(L"failed to load bootmgfw.efi...\n");
        return EFI_ABORTED;
    }

-    Print(L"Loaded bootmgfw.efi into memory...\n");
-
    if (EFI_ERROR(InstallBootMgfwHooks(BootMgfwHandle)))
    {
        Print(L"Failed to install bootmgfw hooks...\n");
        return EFI_ABORTED;
    }

-    Print(L"installed bootmgfw hooks...\n");
-
-    // start bootmgfw.efi...
    if (EFI_ERROR(gBS->StartImage(BootMgfwHandle, NULL, NULL)))
    {
        Print(L"Failed to start bootmgfw.efi...\n");
--- a/Voyager.sln
+++ b/Voyager.sln
@ -7,9 +7,13 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PayLoad (Intel)", "PayLoad
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Example", "Usermode Example\Example.vcxproj", "{09B41831-3164-48AD-8660-23457D82B73B}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager 1 (1703-1511)", "Voyager (1703-1511)\Voyager 1703.vcxproj", "{C4B6B437-62DF-4166-9023-44CFC8A52258}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager (1703-1511)", "Voyager (1703-1511)\Voyager 1703.vcxproj", "{C4B6B437-62DF-4166-9023-44CFC8A52258}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager 1 (2004-1709)", "Voyager (2004-1709)\Voyager 1.vcxproj", "{540D433F-C2DF-49A6-895C-F5C74B014777}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager (2004-1709)", "Voyager (2004-1709)\Voyager 1.vcxproj", "{540D433F-C2DF-49A6-895C-F5C74B014777}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Efi Bundler", "Efi Bundler\Efi Bundler.vcxproj", "{EE860038-E3DD-4329-8D44-DF8B9ECBE420}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PayLoad (AMD)", "PayLoad (AMD)\PayLoad (AMD).vcxproj", "{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@ -83,6 +87,42 @@ Global
 		{540D433F-C2DF-49A6-895C-F5C74B014777}.Release|x64.Build.0 = Release|x64
 		{540D433F-C2DF-49A6-895C-F5C74B014777}.Release|x86.ActiveCfg = Release|Win32
 		{540D433F-C2DF-49A6-895C-F5C74B014777}.Release|x86.Build.0 = Release|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|ARM.ActiveCfg = Debug|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|ARM64.ActiveCfg = Debug|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|x64.ActiveCfg = Debug|x64
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|x64.Build.0 = Debug|x64
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|x86.ActiveCfg = Debug|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Debug|x86.Build.0 = Debug|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|ARM.ActiveCfg = Release|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|ARM64.ActiveCfg = Release|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|x64.ActiveCfg = Release|x64
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|x64.Build.0 = Release|x64
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|x86.ActiveCfg = Release|Win32
+		{EE860038-E3DD-4329-8D44-DF8B9ECBE420}.Release|x86.Build.0 = Release|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM.ActiveCfg = Debug|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM.Build.0 = Debug|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM.Deploy.0 = Debug|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM64.ActiveCfg = Debug|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM64.Build.0 = Debug|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|ARM64.Deploy.0 = Debug|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x64.ActiveCfg = Debug|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x64.Build.0 = Debug|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x64.Deploy.0 = Debug|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x86.ActiveCfg = Debug|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x86.Build.0 = Debug|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Debug|x86.Deploy.0 = Debug|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM.ActiveCfg = Release|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM.Build.0 = Release|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM.Deploy.0 = Release|ARM
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM64.ActiveCfg = Release|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM64.Build.0 = Release|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|ARM64.Deploy.0 = Release|ARM64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x64.ActiveCfg = Release|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x64.Build.0 = Release|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x64.Deploy.0 = Release|x64
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x86.ActiveCfg = Release|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x86.Build.0 = Release|Win32
+		{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x86.Deploy.0 = Release|Win32
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE