diff --git a/UNTOUCHED.zip b/UNTOUCHED.zip
new file mode 100644
index 0000000..dc29725
Binary files /dev/null and b/UNTOUCHED.zip differ
diff --git a/amlegit_cpp/amlegit_dll/amlegit_dll.cpp b/amlegit_cpp/amlegit_dll/amlegit_dll.cpp
new file mode 100644
index 0000000..d2e1f60
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/amlegit_dll.cpp
@@ -0,0 +1,22 @@
+// amlegit_dll.cpp : Defines the exported functions for the DLL.
+//
+
+#include "pch.h"
+#include "framework.h"
+#include "amlegit_dll.h"
+
+
+// This is an example of an exported variable
+AMLEGITDLL_API int namlegitdll=0;
+
+// This is an example of an exported function.
+AMLEGITDLL_API int fnamlegitdll(void)
+{
+ return 0;
+}
+
+// This is the constructor of a class that has been exported.
+Camlegitdll::Camlegitdll()
+{
+ return;
+}
diff --git a/amlegit_cpp/amlegit_dll/amlegit_dll.h b/amlegit_cpp/amlegit_dll/amlegit_dll.h
new file mode 100644
index 0000000..03436d3
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/amlegit_dll.h
@@ -0,0 +1,22 @@
+// The following ifdef block is the standard way of creating macros which make exporting
+// from a DLL simpler. All files within this DLL are compiled with the AMLEGITDLL_EXPORTS
+// symbol defined on the command line. This symbol should not be defined on any project
+// that uses this DLL. This way any other project whose source files include this file see
+// AMLEGITDLL_API functions as being imported from a DLL, whereas this DLL sees symbols
+// defined with this macro as being exported.
+#ifdef AMLEGITDLL_EXPORTS
+#define AMLEGITDLL_API __declspec(dllexport)
+#else
+#define AMLEGITDLL_API __declspec(dllimport)
+#endif
+
+// This class is exported from the dll
+class AMLEGITDLL_API Camlegitdll {
+public:
+ Camlegitdll(void);
+ // TODO: add your methods here.
+};
+
+extern AMLEGITDLL_API int namlegitdll;
+
+AMLEGITDLL_API int fnamlegitdll(void);
diff --git a/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj
new file mode 100644
index 0000000..0fe1a32
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj
@@ -0,0 +1,182 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 16.0
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}
+ Win32Proj
+ amlegitdll
+ 10.0
+
+
+
+ DynamicLibrary
+ true
+ v142
+ Unicode
+ false
+
+
+ DynamicLibrary
+ false
+ v142
+ true
+ Unicode
+ false
+
+
+ DynamicLibrary
+ true
+ v142
+ Unicode
+ false
+
+
+ DynamicLibrary
+ false
+ v142
+ true
+ Unicode
+ false
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ hello_world
+ false
+
+
+ hello_world
+ true
+
+
+ hello_world
+ true
+
+
+ hello_world
+ false
+
+
+
+ Use
+ Level3
+ true
+ true
+ true
+ NDEBUG;AMLEGITDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ pch.h
+
+
+ Windows
+ true
+ true
+ true
+ false
+
+
+
+
+ Use
+ Level3
+ true
+ WIN32;_DEBUG;AMLEGITDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ pch.h
+
+
+ Windows
+ true
+ false
+
+
+
+
+ Use
+ Level3
+ true
+ _DEBUG;AMLEGITDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ pch.h
+
+
+ Windows
+ true
+ false
+
+
+
+
+ Use
+ Level3
+ true
+ true
+ true
+ WIN32;NDEBUG;AMLEGITDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)
+ true
+ pch.h
+
+
+ Windows
+ true
+ true
+ true
+ false
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Create
+ Create
+ Create
+ Create
+
+
+
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.filters b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.filters
new file mode 100644
index 0000000..0b624d1
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.filters
@@ -0,0 +1,42 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.user b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.user
new file mode 100644
index 0000000..88a5509
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/amlegit_dll.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_dll/cpp.hint b/amlegit_cpp/amlegit_dll/cpp.hint
new file mode 100644
index 0000000..b8f8fbf
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/cpp.hint
@@ -0,0 +1,2 @@
+#define AMLEGITDLL_API __declspec(dllexport)
+#define AMLEGITDLL_API __declspec(dllimport)
diff --git a/amlegit_cpp/amlegit_dll/dllmain.cpp b/amlegit_cpp/amlegit_dll/dllmain.cpp
new file mode 100644
index 0000000..1b8576e
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/dllmain.cpp
@@ -0,0 +1,39 @@
+// dllmain.cpp : Defines the entry point for the DLL application.
+#include "pch.h"
+
+void __stdcall main_thread(HMODULE current_module)
+{
+
+ const auto create_console = []() -> bool
+ {
+ if (AllocConsole()) {
+ freopen_s(reinterpret_cast(stdin), "CONIN$", "r", stdin);
+ freopen_s(reinterpret_cast(stdout), "CONOUT$", "w", stdout);
+ SetConsoleTitleA("[amlegit_dll] - xerox@hacks.ltd");
+ return true;
+ }
+ return false;
+ };
+
+ //check to make sure we actually alloc console
+ if (!create_console())
+ FreeLibraryAndExitThread(current_module, EXIT_FAILURE);
+
+ std::cout << "[+] Hello world" << std::endl;
+
+ FreeConsole();
+ FreeLibraryAndExitThread(current_module, EXIT_SUCCESS);
+}
+
+bool __stdcall DllMain(HMODULE module_entry, std::uint32_t call_reason, void*) {
+
+ if (call_reason == DLL_PROCESS_ATTACH)
+ if (CreateThread(nullptr, 0, reinterpret_cast(main_thread), module_entry, 0, nullptr) != INVALID_HANDLE_VALUE)
+ return true;
+ else
+ FreeLibraryAndExitThread(module_entry, EXIT_FAILURE);
+ else
+ return false;
+}
+
+
diff --git a/amlegit_cpp/amlegit_dll/framework.h b/amlegit_cpp/amlegit_dll/framework.h
new file mode 100644
index 0000000..25270eb
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/framework.h
@@ -0,0 +1,7 @@
+#pragma once
+
+#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
+// Windows Header Files
+#include
+#include
+#include
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_dll/pch.cpp b/amlegit_cpp/amlegit_dll/pch.cpp
new file mode 100644
index 0000000..64b7eef
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/pch.cpp
@@ -0,0 +1,5 @@
+// pch.cpp: source file corresponding to the pre-compiled header
+
+#include "pch.h"
+
+// When you are using pre-compiled headers, this source file is necessary for compilation to succeed.
diff --git a/amlegit_cpp/amlegit_dll/pch.h b/amlegit_cpp/amlegit_dll/pch.h
new file mode 100644
index 0000000..885d5d6
--- /dev/null
+++ b/amlegit_cpp/amlegit_dll/pch.h
@@ -0,0 +1,13 @@
+// pch.h: This is a precompiled header file.
+// Files listed below are compiled only once, improving build performance for future builds.
+// This also affects IntelliSense performance, including code completion and many code browsing features.
+// However, files listed here are ALL re-compiled if any one of them is updated between builds.
+// Do not add files here that you will be updating frequently as this negates the performance advantage.
+
+#ifndef PCH_H
+#define PCH_H
+
+// add headers that you want to pre-compile here
+#include "framework.h"
+
+#endif //PCH_H
diff --git a/amlegit_cpp/amlegit_driver.sln b/amlegit_cpp/amlegit_driver.sln
new file mode 100644
index 0000000..70ddc90
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver.sln
@@ -0,0 +1,41 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.29519.181
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "amlegit_driver", "amlegit_driver\amlegit_driver.vcxproj", "{6CFA63DA-34DE-46E7-81BA-876CF3267A4F}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "amlegit_dll", "amlegit_dll\amlegit_dll.vcxproj", "{0DC4C851-FA89-47FE-A891-C7590376D2C2}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|x64 = Debug|x64
+ Debug|x86 = Debug|x86
+ Release|x64 = Release|x64
+ Release|x86 = Release|x86
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Debug|x64.ActiveCfg = Debug|x64
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Debug|x64.Build.0 = Debug|x64
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Debug|x86.ActiveCfg = Debug|Win32
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Debug|x86.Build.0 = Debug|Win32
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Release|x64.ActiveCfg = Release|x64
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Release|x64.Build.0 = Release|x64
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Release|x86.ActiveCfg = Release|Win32
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}.Release|x86.Build.0 = Release|Win32
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Debug|x64.ActiveCfg = Debug|x64
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Debug|x64.Build.0 = Debug|x64
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Debug|x86.ActiveCfg = Debug|Win32
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Debug|x86.Build.0 = Debug|Win32
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Release|x64.ActiveCfg = Release|x64
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Release|x64.Build.0 = Release|x64
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Release|x86.ActiveCfg = Release|Win32
+ {0DC4C851-FA89-47FE-A891-C7590376D2C2}.Release|x86.Build.0 = Release|Win32
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {37C72252-9A1B-4F3A-9964-E00F3268EF98}
+ EndGlobalSection
+EndGlobal
diff --git a/amlegit_cpp/amlegit_driver/amlegit.hpp b/amlegit_cpp/amlegit_driver/amlegit.hpp
new file mode 100644
index 0000000..3c9babc
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/amlegit.hpp
@@ -0,0 +1,65 @@
+#include
+#include
+#include
+
+#pragma once
+//--- amlegit dll functions
+namespace amlegit
+{
+ //--- function is only for extracting the driver
+ static std::tuple get_driver()
+ {
+ auto get_driver_temp =
+ reinterpret_cast<__int64(*)(unsigned*)>(
+ GetProcAddress(LoadLibrary(L"buffer.dll"), "GetDriver"));
+ unsigned driver_size;
+ if (get_driver_temp)
+ return { get_driver_temp(&driver_size), driver_size };
+ return { {}, {} };
+ }
+
+ //--- this function calls GetDriver inside buffer.dll
+ static bool load_driver()
+ {
+ auto load_drv =
+ reinterpret_cast(
+ GetProcAddress(LoadLibrary(L"buffer.dll"), "ExportLoad"));
+ return load_drv ? load_drv() : false;
+ }
+
+ //--- driver_name is the name of the driver which is in current working directory
+ static bool map_driver(const char* driver_name)
+ {
+ auto map_drv =
+ reinterpret_cast(
+ GetProcAddress(LoadLibrary(L"mmap.dll"), "ExportMap"));
+ return map_drv ? map_drv(driver_name) : false;
+ }
+
+ //--- hooks ioctl of gpuenergydrv.sys
+ static bool connect_driver()
+ {
+ auto connect_drv =
+ reinterpret_cast(
+ GetProcAddress(LoadLibrary(L"inject.dll"), "ExportConnect"));
+ return connect_drv ? connect_drv() : false;
+ }
+
+ //--- pasted from: https://github.com/btbd/hwid
+ static bool spoof()
+ {
+ auto spoof_addr =
+ reinterpret_cast(
+ GetProcAddress(LoadLibrary(L"inject.dll"), "ExportSpoof"));
+ return spoof_addr ? spoof_addr() : false;
+ }
+
+ //--- this doesnt hide memory!
+ static bool inject(const char* wind_name, const char* dll_name)
+ {
+ auto inject_addr =
+ reinterpret_cast(
+ GetProcAddress(LoadLibrary(L"inject.dll"), "ExportInject"));
+ return inject_addr ? inject_addr(wind_name, dll_name) : false;
+ }
+}
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_driver/amlegit_driver.cpp b/amlegit_cpp/amlegit_driver/amlegit_driver.cpp
new file mode 100644
index 0000000..8ad25f7
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/amlegit_driver.cpp
@@ -0,0 +1,40 @@
+#include
+#include
+#include
+#include "amlegit.hpp"
+#include "hooked_functions.hpp"
+
+using namespace std;
+
+/*
+ Warning! This will get you banned, do not use this!
+*/
+int main()
+{
+ //--- hook DeviceIoControl
+ hook::install(&DeviceIoControl, &shithook::h_device_io_control);
+
+ //--- get driver buffer
+ auto [driver_ptr, driver_size] = amlegit::get_driver();
+ cout << hex << showbase << "[+] driver_ptr: " << driver_ptr << endl;
+ cout << hex << showbase << "[+] driver_size: " << driver_size << endl;
+
+ //--- writes driver to file
+ ofstream driver(filesystem::path("driver.sys"), std::ofstream::out | std::ofstream::binary);
+ driver.write(reinterpret_cast(driver_ptr), driver_size);
+ driver.close();
+ cout << "[+] wrote driver to disk" << endl;
+
+ //--- load driver
+ amlegit::load_driver();
+ cout << "[+] loaded intel lan driver" << endl;
+ amlegit::map_driver("driver.sys");
+ cout << "[+] mapped unsigned driver" << endl;
+ amlegit::connect_driver();
+ cout << "[+] connected to driver" << endl;
+
+ //--- inject dll into process with window name
+ amlegit::inject("Rainbow Six", "hello_world.dll");
+ cout << "[+] injected dll" << endl;
+ cin.get();
+}
diff --git a/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj
new file mode 100644
index 0000000..3877ee0
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj
@@ -0,0 +1,169 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 16.0
+ {6CFA63DA-34DE-46E7-81BA-876CF3267A4F}
+ Win32Proj
+ amlegitdriver
+ 10.0
+
+
+
+ Application
+ true
+ v142
+ Unicode
+ false
+
+
+ Application
+ false
+ v142
+ true
+ Unicode
+ false
+
+
+ Application
+ true
+ v142
+ Unicode
+ false
+
+
+ Application
+ false
+ v142
+ true
+ Unicode
+ false
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ true
+
+
+ true
+
+
+ false
+
+
+ false
+
+
+
+
+
+ Level3
+ true
+ WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+
+
+ Console
+ true
+
+
+
+
+
+
+ Level3
+ true
+ _DEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+
+
+ Console
+ true
+
+
+
+
+
+
+ Level3
+ true
+ true
+ true
+ WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+
+
+ Console
+ true
+ true
+ true
+
+
+
+
+
+
+ Level3
+ true
+ true
+ true
+ NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+
+
+ Console
+ true
+ true
+ true
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.filters b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.filters
new file mode 100644
index 0000000..1095f62
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.filters
@@ -0,0 +1,36 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.user b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.user
new file mode 100644
index 0000000..88a5509
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/amlegit_driver.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_driver/hook.cpp b/amlegit_cpp/amlegit_driver/hook.cpp
new file mode 100644
index 0000000..3b06168
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/hook.cpp
@@ -0,0 +1,42 @@
+#include "hook.hpp"
+
+namespace hook
+{
+ //--- default constructor
+ detour::detour(void* addr_to_hook, void* jmp_to_addr)
+ : hook_addr((std::uintptr_t)addr_to_hook), detour_addr((std::uintptr_t)jmp_to_addr)
+ {
+ //finish the shellcode by adding the address to jmp to
+ *(uintptr_t*)(jmp_code + OFFSET_TO_ADDRESS) = (std::uintptr_t)jmp_to_addr;
+ //save old bytes
+ memcpy(org_bytes, (void*)hook_addr, JMP_CODE_SIZE);
+ //install the hook.
+ install();
+ }
+
+ detour::~detour()
+ {uninstall();}
+
+ void detour::install()
+ {
+ //install the hook.
+ write_to_readonly((void *)hook_addr, jmp_code, JMP_CODE_SIZE);
+ hook_installed = true;
+ }
+
+ void detour::uninstall()
+ {
+ //write the original bytes back.
+ write_to_readonly((void *)hook_addr, org_bytes, JMP_CODE_SIZE);
+ hook_installed = false;
+ }
+
+ uintptr_t detour::hook_address()
+ {return hook_addr;}
+
+ uintptr_t detour::detour_address()
+ {return detour_addr;}
+
+ bool detour::installed()
+ {return hook_installed;}
+}
\ No newline at end of file
diff --git a/amlegit_cpp/amlegit_driver/hook.hpp b/amlegit_cpp/amlegit_driver/hook.hpp
new file mode 100644
index 0000000..f22135b
--- /dev/null
+++ b/amlegit_cpp/amlegit_driver/hook.hpp
@@ -0,0 +1,109 @@
+#pragma once
+#include
+#include